GHSA-3r34-vmwj-2j86
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147234020
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 15, 2025 6:12 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.