• caglararli@hotmail.com
  • 05386281520

CVE-2021-4438 | kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android SmsUserConsentModule.kt registerReceiver improper export of android application components

Çağlar Arlı      -    39 Views

CVE-2021-4438 | kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android SmsUserConsentModule.kt registerReceiver improper export of android application components

A vulnerability, which was classified as critical, has been found in kyivstarteam react-native-sms-user-consent up to 1.1.4 on Android. Affected by this issue is the function registerReceiver of the file android/src/main/java/ua/kyivstar/reactnativesmsuserconsent/SmsUserConsentModule.kt. The manipulation leads to improper export of android application components. This vulnerability is handled as CVE-2021-4438. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.