Platform Packages Modules Healthfitness vulnerabilities
3 known vulnerabilities affecting platform/packages_modules_healthfitness.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN3
Vulnerabilities
Page 1 of 1
CVE-2024-31323UNKNOWN≥ 14-next:0, < 14-next:2024-06-01≥ 14:0, < 14:2024-06-012024-06-01
CVE-2024-31323 CVE-2024-31323: In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-23706UNKNOWN≥ 14-next:0, < 14-next:2024-05-01≥ 14:0, < 14:2024-05-012024-05-01
CVE-2024-23706 CVE-2024-23706: In multiple locations, there is a possible bypass of health data permissions due to an improper input validation
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-0052UNKNOWN≥ 14-next:0, < 14-next:2024-03-01≥ 14:0, < 14:2024-03-012024-03-01
CVE-2024-0052 CVE-2024-0052: In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check
In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv