You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Prior to Android 4.0, any application with READ_LOGS permission could obtain all the other applications' log output. After Android 4.1, the specification of READ_LOGS permission has been changed. Even applications with READ_LOGS permission cannot obtain log output from other applications.
However, by connecting an Android device to a PC, or when running a rooted device, log output from other applications can be obtained.
Therefore, it is important that applications do not send sensitive information to log output.
Prior to Android 4.0, any application with READ_LOGS permission could obtain all the other applications' log output. After Android 4.1, the specification of READ_LOGS permission has been changed. Even applications with READ_LOGS permission cannot obtain log output from other applications.
However, by connecting an Android device to a PC, or when running a rooted device, log output from other applications can be obtained.
Therefore, it is important that applications do not send sensitive information to log output.
The following LGTM query results demonstrate user credentials being written to the system log: https://lgtm.com/query/3734390561435240112/
Once the issue is fixed, please create a security advisory to a CVE is assigned to it by GitHub.
Thank you,
The text was updated successfully, but these errors were encountered: