{"id":"ASB-A-262521447","details":"In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-262521447","CVE-2023-21265"],"modified":"2026-04-21T15:25:42.831358Z","published":"2023-08-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-08-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/ca-certificates/+/6065b4a4c7da9cc9ee01c2f6389575647d2724c4"}],"affected":[{"package":{"name":"platform/system/ca-certificates","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-08-01"}]}],"versions":["13-next"],"ecosystem_specific":{"severity":"High","spl":"2023-08-01","fixes":["https://android.googlesource.com/platform/system/ca-certificates/+/cbc6bbaa091a1217001817023e8859315b8ecc33"],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262521447.json"}},{"package":{"name":"platform/system/ca-certificates","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-08-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"High","spl":"2023-08-01","fixes":["https://android.googlesource.com/platform/system/ca-certificates/+/7f21eeb5f64c78dde049b132c93dd7dce53d23e8"],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262521447.json"}},{"package":{"name":"platform/system/ca-certificates","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-08-01"}]}],"versions":["12"],"ecosystem_specific":{"severity":"High","spl":"2023-08-01","fixes":["https://android.googlesource.com/platform/system/ca-certificates/+/7f21eeb5f64c78dde049b132c93dd7dce53d23e8"],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262521447.json"}},{"package":{"name":"platform/system/ca-certificates","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-08-01"}]}],"versions":["12L"],"ecosystem_specific":{"severity":"High","spl":"2023-08-01","fixes":["https://android.googlesource.com/platform/system/ca-certificates/+/cbc6bbaa091a1217001817023e8859315b8ecc33"],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262521447.json"}},{"package":{"name":"platform/system/ca-certificates","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-08-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","spl":"2023-08-01","fixes":["https://android.googlesource.com/platform/system/ca-certificates/+/cbc6bbaa091a1217001817023e8859315b8ecc33"],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-262521447.json"}}],"schema_version":"1.7.5"}