CVE-2022-28783

Summary

Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile DevicesQ(10), R(11), S(12) < SMR May-2022 Release 1affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References