Android Play Core
Approved changes feed: RSS · Atom
cpe:2.3:a:google_llc:android_play_core:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Google Llc (c72c74b5-1c39-5d47-98b8-8dacb6f7d99a) |
|---|---|
| Product | Android Play Core (3a371a83-ebb4-505e-bf5c-6c4bd7c54c3c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-8913 |
vulnerable | 2026-06-03 14:43:12.121024 |
Local arbitrary code execution in splitinstall in Android's Play Core
HIGH (8.8)
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.
Published: 2020-08-12T07:10:12.000Z
Updated: 2024-08-04T10:12:10.972Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.