CVE-2024-0245

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-0245
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0245.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-0245
Published
2025-03-20T10:15:13.043Z
Modified
2026-04-10T05:07:51.936020Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a malicious app that hijacks the legitimate Inure app, intercepting and stealing sensitive information when installed on the victim's device. This issue affects all Android versions before Android 11.

References

Affected packages

Git / github.com/hamza417/inure

Affected ranges

Type
GIT
Repo
https://github.com/hamza417/inure
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9f53de61b48018e3190739a8970bec9a7461e194
Fixed
a0c3e68b0542bcd7007c93618e0d50a5331de061
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "build97"
        }
    ]
}

Affected versions

Other
Build45
Build46
Build50
Build51
Build52
Build53
build44
build45
build47
build48
build49
build55
build56
build57
build58
build59
build60
build61
build62
build63
build64
build65
build66
build67
build68
build69
build70
build71
build72
build73
build74
build75
build76
build77
build78
build79
build80
build83
build85
build86
build87
build88
build89
build91
build92
build93
build94
build95
build96

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0245.json"