{"id":"ASB-A-151095863", "published":"2020-08-01T00:00:00Z", "modified":"2026-06-08T15:01:31.246215948Z", "aliases":["CVE-2020-0239", "A-151095863"], "details":"In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a file (eg. a photo) containing location metadata with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2020-08-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99"], "severity":"High", "spl":"2020-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":true, "digest":{"line_hashes":["317608742623122761583210935009311251097", "252414099317822990793276680733306928188", "302195094085563216764470962474484386547", "209752131819447677169480303906632789784"], "threshold":0.9}, "id":"ASB-A-151095863-b01392ee", "match_only_versions":["9"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99", "target":{"file":"core/java/android/provider/DocumentsProvider.java"}}, {"deprecated":true, "digest":{"function_hash":"218178791719829246266360722476034823838", "length":5252}, "id":"ASB-A-151095863-c2e638ee", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99", "target":{"file":"core/java/android/provider/DocumentsProvider.java", "function":"callUnchecked"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2020-08-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99"], "severity":"High", "spl":"2020-08-01", "types":["ID"], "vanir_signatures":[{"deprecated":true, "digest":{"line_hashes":["317608742623122761583210935009311251097", "252414099317822990793276680733306928188", "302195094085563216764470962474484386547", "209752131819447677169480303906632789784"], "threshold":0.9}, "id":"ASB-A-151095863-138308c4", "match_only_versions":["10"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99", "target":{"file":"core/java/android/provider/DocumentsProvider.java"}}, {"deprecated":true, "digest":{"function_hash":"218178791719829246266360722476034823838", "length":5252}, "id":"ASB-A-151095863-b66751a3", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99", "target":{"file":"core/java/android/provider/DocumentsProvider.java", "function":"callUnchecked"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2020-08-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/556de438237965857fde874d22aff0c4232d4d99"}]}