RSS   Vulnerabilities for 'Play core library'   RSS

2020-08-12
 
CVE-2020-8913

CWE-22
 

 
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.

 

 >>> Vendor: Android 5 Products
Android sdk
Android browser
Android
Opencore
Play core library


Copyright 2024, cxsecurity.com

 

Back to Top