Platform Packages Apps Keychain vulnerabilities
3 known vulnerabilities affecting platform/packages_apps_keychain.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN3
Vulnerabilities
Page 1 of 1
CVE-2022-20230UNKNOWN≥ 10:0, < 10:2022-07-01≥ 11:0, < 11:2022-07-01+2 more2022-07-01
CVE-2022-20230 CVE-2022-20230: In choosePrivateKeyAlias of KeyChain
In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
osv
CVE-2021-0963UNKNOWN≥ 9:0, < 9:2021-12-01≥ 10:0, < 10:2021-12-01+2 more2021-12-01
CVE-2021-0963 CVE-2021-0963: In onCreate of KeyChainActivity
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
osv
CVE-2020-0460UNKNOWN≥ 11:0, < 11:2020-12-012020-12-01
CVE-2020-0460 CVE-2020-0460: In createNameCredentialDialog of CertInstaller
In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv