GHSA-r5j9-cg6w-wr7p

Source
https://github.com/github/advisory-database/blob/main/advisories/unreviewed/2022/02/GHSA-r5j9-cg6w-wr7p/GHSA-r5j9-cg6w-wr7p.json
Aliases
Published
2022-02-12T00:00:42Z
Modified
2022-02-18T00:00:42Z
Details

In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-196969991

References

Affected packages