{"vulnerability": "CVE-2021-3976", "sightings": [{"uuid": "ac3cbd22-054d-435f-9fb9-7d5948e6c992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39765", "type": "seen", "source": "https://t.me/cibsecurity/39857", "content": "\u203c CVE-2021-39765 \u203c\n\nIn Gallery, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535427\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:18:43.000000Z"}, {"uuid": "ff6378a3-ad5d-412a-b918-039287d3c850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39761", "type": "seen", "source": "https://t.me/cibsecurity/39860", "content": "\u203c CVE-2021-39761 \u203c\n\nIn Media, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-179783181\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:18:49.000000Z"}, {"uuid": "260d4840-6baa-4193-b84e-9474d15a5548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39764", "type": "seen", "source": "https://t.me/cibsecurity/39850", "content": "\u203c CVE-2021-39764 \u203c\n\nIn Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-170642995\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:18:33.000000Z"}]}