Description
We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally.
Remediation
References
http://jvn.jp/en/jp/JVN59779918/index.html
https://cordova.apache.org/news/2020/09/18/camera-plugin-release.html
Related Vulnerabilities
CVE-2020-5207 Vulnerability in maven package io.ktor:ktor-client-cio
CVE-2019-19771 Vulnerability in npm package we3b
CVE-2015-8862 Vulnerability in maven package org.webjars.bower:mustache
CVE-2021-33623 Vulnerability in npm package trim-newlines
CVE-2018-1328 Vulnerability in maven package org.apache.zeppelin:zeppelin