Loading HuntDB...

GHSA-pppm-qqpf-jj26

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-238605611

Related CVEs

Key Information

GHSA ID
GHSA-pppm-qqpf-jj26
Published
November 9, 2022 12:00 PM
Last Modified
November 9, 2022 7:02 PM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 31, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.