{"id":"ASB-A-283962802", "published":"2023-12-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-35668", "A-283962802"], "details":"In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14-next:0"}, {"fixed":"14-next:2023-12-01"}]}], "versions":["14-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/d770f706d943a7ff3095fb0d18b73cd2820e5f0b"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"29203323297885384493659448925045519817", "length":2639}, "id":"ASB-A-283962802-cb3b42fc", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d770f706d943a7ff3095fb0d18b73cd2820e5f0b", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["171382021060146019994183810298757766274", "209727135170950016619958327047086003845", "222581126683593730429250548465234379834", "182174804976035329774921094615038043771", "303434344376307165755255759506123329699", "96802014755626440041800288545893188987", "243914122422970178253073277090849461956", "106386172300797820375062882942015812786", "275423800456750119830506244773551901606", "38291429864868648221893071760536293121", "63440471419771065461086291363062212153", "202992266509600817457929899926101805783", "90709302688690791459433359582740844527", "189259289722399902992640661459053081761", "110582045004914461110056641720439303365"], "threshold":0.9}, "id":"ASB-A-283962802-d3192061", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d770f706d943a7ff3095fb0d18b73cd2820e5f0b", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-12-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/a6f44e911f2d7204cc28c710e54f97c96231abab"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"88690414053046570452154742374956197705", "length":2445}, "id":"ASB-A-283962802-722fe580", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/a6f44e911f2d7204cc28c710e54f97c96231abab", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["11425810881900634527917672131491316607", "209727135170950016619958327047086003845", "222581126683593730429250548465234379834", "182174804976035329774921094615038043771", "303434344376307165755255759506123329699", "96802014755626440041800288545893188987", "243914122422970178253073277090849461956", "106386172300797820375062882942015812786", "275423800456750119830506244773551901606", "38291429864868648221893071760536293121", "63440471419771065461086291363062212153", "202992266509600817457929899926101805783", "90709302688690791459433359582740844527", "189259289722399902992640661459053081761", "110582045004914461110056641720439303365"], "threshold":0.9}, "id":"ASB-A-283962802-a8a9dd63", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/a6f44e911f2d7204cc28c710e54f97c96231abab", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"328630913936997539884917677266248587884", "length":2768}, "id":"ASB-A-283962802-725c912f", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["171382021060146019994183810298757766274", "209727135170950016619958327047086003845", "222581126683593730429250548465234379834", "182174804976035329774921094615038043771", "303434344376307165755255759506123329699", "96802014755626440041800288545893188987", "243914122422970178253073277090849461956", "106386172300797820375062882942015812786", "275423800456750119830506244773551901606", "38291429864868648221893071760536293121", "63440471419771065461086291363062212153", "202992266509600817457929899926101805783", "90709302688690791459433359582740844527", "189259289722399902992640661459053081761", "110582045004914461110056641720439303365"], "threshold":0.9}, "id":"ASB-A-283962802-de09fca3", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-12-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["171382021060146019994183810298757766274", "209727135170950016619958327047086003845", "222581126683593730429250548465234379834", "182174804976035329774921094615038043771", "303434344376307165755255759506123329699", "96802014755626440041800288545893188987", "243914122422970178253073277090849461956", "106386172300797820375062882942015812786", "275423800456750119830506244773551901606", "38291429864868648221893071760536293121", "63440471419771065461086291363062212153", "202992266509600817457929899926101805783", "90709302688690791459433359582740844527", "189259289722399902992640661459053081761", "110582045004914461110056641720439303365"], "threshold":0.9}, "id":"ASB-A-283962802-481d01f5", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java"}}, {"deprecated":false, "digest":{"function_hash":"328630913936997539884917677266248587884", "length":2768}, "id":"ASB-A-283962802-5e8e5700", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-12-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["171382021060146019994183810298757766274", "209727135170950016619958327047086003845", "222581126683593730429250548465234379834", "182174804976035329774921094615038043771", "303434344376307165755255759506123329699", "96802014755626440041800288545893188987", "243914122422970178253073277090849461956", "106386172300797820375062882942015812786", "275423800456750119830506244773551901606", "38291429864868648221893071760536293121", "63440471419771065461086291363062212153", "202992266509600817457929899926101805783", "90709302688690791459433359582740844527", "189259289722399902992640661459053081761", "110582045004914461110056641720439303365"], "threshold":0.9}, "id":"ASB-A-283962802-2025cd56", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java"}}, {"deprecated":false, "digest":{"function_hash":"328630913936997539884917677266248587884", "length":2768}, "id":"ASB-A-283962802-4b971e19", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3d36966ea2aeebc3501a69a8ef7afce5ef593cee", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/b7bd7df91740da680a5c3a84d8dd91b4ca6956dd"}]}