CVE-2020-11990
N/A
N/A
Summary
We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Apache Cordova ( cordova-plugin-camera ) | cordova-plugin-camera@4.1.0 and below | affected |
Weaknesses
- Exposure of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
- https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
- http://jvn.jp/en/jp/JVN59779918/index.html
References
- https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
- http://jvn.jp/en/jp/JVN59779918/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.