In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900
History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00552}

epss

{'score': 0.00474}


cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2018-10-02T19:00:00Z

Updated: 2024-09-16T22:46:09.161Z

Reserved: 2018-04-05T00:00:00

Link: CVE-2018-9493

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-02T19:29:05.027

Modified: 2024-11-21T04:15:35.010

Link: CVE-2018-9493

cve-icon Redhat

No data.