{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T23:02:21.633","vulnerabilities":[{"cve":{"id":"CVE-2020-0020","sourceIdentifier":"security@android.com","published":"2020-02-13T15:15:11.623","lastModified":"2024-11-21T04:52:45.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143118731"},{"lang":"es","value":"En la función getAttributeRange del archivo ExifInterface.java, se presenta un posible fallo al redactar la información de ubicación desde los archivos multimedia, debido a una comprobación de límites incorrecta. Esto podría conllevar a una divulgación local de información con los privilegios de ejecución User necesarios. No es necesaria una interacción del usuario para su explotación. Producto: Android, Versiones: Android-10, ID de Android: A-143118731."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:N/A:N","baseScore":4.9,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D558D965-FA70-4822-A770-419E73BA9ED3"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2020-02-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/2020-02-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}