01642 06 11 11 Arrange Call

ExifInterface.java: Location Information Redaction Failure

CVE-2020-0020 · MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2020-0020

In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143118731

Learn more about our Cis Benchmark Audit For Google Android.