{"vulnerability": "CVE-2024-10382", "sightings": [{"uuid": "95836ff7-bb66-4b01-a9b9-058c5f475c54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10382", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514815700194839", "content": "", "creation_timestamp": "2024-11-20T10:30:28.794267Z"}, {"uuid": "619724e2-6449-4aba-a8d9-57510e4979f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10382", "type": "seen", "source": "https://t.me/cvedetector/11582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10382 - Android Jetpack Car App RCE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10382 \nPublished : Nov. 20, 2024, 11:15 a.m. | 38\u00a0minutes ago \nDescription : There exists a code execution vulnerability in the Car App Android Jetpack Library. In the CarAppService desrialization logic is used that allows for arbitrary java classes to be constructed. In combination with other gadgets, this can lead to arbitrary code execution. An attacker needs to have an app on a victims Android device that uses the CarAppService Class and the victim would need to install a malicious app alongside it. We recommend upgrading the library past version\u00a01.7.0-beta02 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:54:06.000000Z"}]}