In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
Metrics
Affected Vendors & Products
References
History
Sat, 14 Sep 2024 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift Devspaces
|
|
CPEs | cpe:/a:redhat:openshift_devspaces:3::el8 | |
Vendors & Products |
Redhat openshift Devspaces
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2021-02-10T16:50:15
Updated: 2024-08-03T15:40:00.192Z
Reserved: 2020-11-06T00:00:00
Link: CVE-2021-0341
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-02-10T17:15:22.037
Modified: 2024-11-21T05:42:32.723
Link: CVE-2021-0341
Redhat