Description
We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.
Remediation
References
https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
http://jvn.jp/en/jp/JVN59779918/index.html
Related Vulnerabilities
CVE-2019-10080 Vulnerability in maven package org.apache.nifi:nifi-lookup-services
CVE-2019-1003037 Vulnerability in maven package org.jenkins-ci.plugins:azure-vm-agents
CVE-2023-50728 Vulnerability in npm package probot
CVE-2016-6816 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2018-3774 Vulnerability in maven package org.webjars.npm:url-parse