How severe is CVE-2022-4903?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2022-4903?

This is classified as CWE-927, which is a common weakness in software security.

CVE-2022-4903 - HIGH Severity | CVSS 8.1

Vulnerability Description

A vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version 7.0.71 is able to address this issue. The patch is identified as dad49c9ef26a598619fc48d2697151a02987d478. It is recommended to upgrade the affected component. VDB-220470 is the identifier assigned to this vulnerability.

Related Vulnerabilities

CVE-2023-44122

HIGH

CVSS:7.8(High)

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideA...

CWE-9272023

CVE-2023-44122

HIGH

CVSS:7.8(High)

CWE-9272023

CVE-2022-33734

MEDIUM

CVSS:5.5(Medium)

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.

CWE-9272022

CVE-2022-36829

MEDIUM

CVSS:5.5(Medium)

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.

CWE-9272022

CVE-2022-36830

MEDIUM

CVSS:5.5(Medium)

PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.

CWE-9272022

CVE-2023-44127

MEDIUM

CVSS:5.5(Medium)

he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same devic...

CWE-9272023