CVE-2017-0381
HIGH7.8EPSS 0.15%opus - security update
發布日:2017/1/12修改日:2026/4/28
描述
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.
受影響套件(2)
- Debian/opusfrom 0, < 1.2~alpha2-1
- Debian/opusfrom 0, < 0.9.14+20120615-1+nmu1+deb7u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |