CVE-2022-22270

An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:46

Type Values Removed Values Added
CVSS v2 : 4.3
v3 : 3.3
v2 : 4.3
v3 : 4.4
References () https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=1 - Vendor Advisory () https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=1 - Vendor Advisory

Information

Published : 2022-01-10 14:12

Updated : 2024-11-21 06:46


NVD link : CVE-2022-22270

Mitre link : CVE-2022-22270

CVE.ORG link : CVE-2022-22270


JSON object : View

Products Affected

google

  • android
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-552

Files or Directories Accessible to External Parties