CVE-2021-4438 | kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android SmsUserConsentModule.kt registerReceiver improper export of android application components

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The manipulation leads to improper export of android application components.

This vulnerability is handled as CVE-2021-4438. Attacking locally is a requirement. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2021-4438 | kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android SmsUserConsentModule.kt registerReceiver improper export of android application components

Post correlati

CVE-2024-9349 | Auto Amazon Links Plugin up to 5.4.2 on WordPress cross site scripting

CVE-2024-40417 | Tenda AX1806 1.0.0.1 /goform/SetIpMacBind formSetRebootTimer list stack-based overflow

CVE-2023-32366 | Apple macOS Font File out-of-bounds write

CVE-2024-5790 | Happy Addons for Elementor Plugin up to 3.11.1 on WordPress Gradient Heading Widget cross site scripting