VYPR

ManagedProvisioning

by Google

CVEs (3)

  • CVE-2025-26454HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed…

  • CVE-2023-21275HigAug 14, 2023
    risk 0.51cvss 7.8epss 0.00

    In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2025-26443HigSep 4, 2025
    risk 0.47cvss 7.3epss 0.00

    In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…