CVE ID : CVE-2024-10382
Published : Nov. 20, 2024, 11:15 a.m. | 1 hour, 1 minute ago
Description : There exists a code execution vulnerability in the Car App Android Jetpack Library. In the CarAppService desrialization logic is used that allows for arbitrary java classes to be constructed. In combination with other gadgets, this can lead to arbitrary code execution. An attacker needs to have an app on a victims Android device that uses the CarAppService Class and the victim would need to install a malicious app alongside it. We recommend upgrading the library past version 1.7.0-beta02
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…