{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T00:19:53.947","vulnerabilities":[{"cve":{"id":"CVE-2022-20393","sourceIdentifier":"security@android.com","published":"2022-09-13T20:15:09.433","lastModified":"2024-11-21T06:42:43.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-233735886"},{"lang":"es","value":"En la función extract3GPPGlobalDescriptions del archivo TextDescriptions.cpp, se presenta una posible lectura fuera de límites debido a un desbordamiento de enteros. Esto podría conllevar a una divulgación de información local desde el servidor de medios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-11 Android-12 Android-12L, ID de Android: A-233735886"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*","matchCriteriaId":"F8FB8EE9-FC56-4D5E-AE55-A5967634740C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*","matchCriteriaId":"C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2022-09-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/2022-09-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}