Security Advisory

CVE-2022-20458

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-24 00:00:00

Last updated 2025-04-02 14:20:28

Assigner google_android

State PUBLISHED

Description

The logs of sensitive information (PII) or hardware identifier should only be printed in Android "userdebug" or "eng" build. StatusBarNotification.getKey() could contain sensitive information. However, CarNotificationListener.java, it prints out the StatusBarNotification.getKey() directly in logs, which could contain users account name (i.e. PII), in Android "user" build.Product: AndroidVersions: Android-12LAndroid ID: A-205567776

← Browse all CVEs View on cve.org ↗