ГлавнаяУязвимости → CVE-2018-9467
9.8критическая

CVE-2018-9467

Описание

In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation.

Затрагиваемое ПО
Google Android
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://source.android.com/security/bulletin/2018-09-01