VYPR

Launcher3

by Google

CVEs (2)

  • CVE-2023-40097HigDec 4, 2023
    risk 0.51cvss 7.8epss 0.00

    In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2023-35682HigSep 11, 2023
    risk 0.51cvss 7.8epss 0.00

    In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.