Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-0988
CVE-2021-0988:
NixOS vulnerability analysis and mitigation
Overview
In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed without proper authorization. This vulnerability was identified as CVE-2021-0988 and was disclosed in December 2021, affecting Android systems (NVD).
Technical details
The vulnerability exists in the ActivityClientController.java component, specifically in the getLaunchedFromUid and getLaunchedFromPackage methods. It potentially allows unauthorized detection of installed applications on the system.
Impact
The vulnerability could allow attackers to determine whether specific applications are installed on a target Android device, potentially compromising user privacy and enabling targeted attacks based on the presence or absence of certain applications.
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management