{"id":"PUB-A-174045870","details":"In onStart of ContactsDumpActivity.java, there is possible access to contacts due to a tapjacking/overlay attack. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.","aliases":["A-174045870","CVE-2021-0569"],"modified":"2026-05-26T15:46:26.044149249Z","published":"2021-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-06-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/ContactsProvider/+/d74717f0319b8282f76bc88d999fca87138c2f48"}],"affected":[{"package":{"name":"platform/packages/providers/ContactsProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-06-01"}]}],"versions":["11"],"ecosystem_specific":{"types":["ID"],"spl":"2021-06-01","vanir_signatures":[{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["165131647857970145395558277153544971045","18341653870661499813850026366524925571","107210192711485329355576990158459785477","312429896352256447699331898729695596336"]},"source":"https://android.googlesource.com/platform/packages/providers/ContactsProvider/+/d74717f0319b8282f76bc88d999fca87138c2f48","id":"PUB-A-174045870-01ce398d","target":{"file":"src/com/android/providers/contacts/debug/ContactsDumpActivity.java"},"deprecated":false,"signature_version":"v1"}],"severity":"Moderate","fixes":["https://android.googlesource.com/platform/packages/providers/ContactsProvider/+/d74717f0319b8282f76bc88d999fca87138c2f48"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-174045870.json"}}],"schema_version":"1.7.5"}