PUB-A-231585645

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-231585645.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-231585645
Aliases
  • A-231585645
  • CVE-2022-20530
Published
2022-12-01T00:00:00Z
Modified
2026-01-26T16:50:44.533523Z
Summary
[none]
Details

In strings.xml, there is a possible permission bypass due to a misleading string. This could lead to remote information disclosure of call logs with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2022-12-01

Affected versions

Other

13

Ecosystem specific 

{
    "types": [
        "ID"
    ],
    "spl": "2022-12-01",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/8b83094ae3080495f6f95d0a1549ccc5594b5354"
    ],
    "severity": "Moderate"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-231585645.json"