CVE-2020-15165
CRITICALChameleon Mini Live Debugger <1.1.6 - Info Disclosure
Title source: llmDescription
Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had it's sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as possible. For more information, review the referenced GitHub Security Advisory.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/maxieds/ChameleonMiniLiveDebugger/security/advisories/GHSA-8q77-7hq8-f7g6
Product, Third Party Advisory x_refsource_misc
https://play.google.com/store/apps/details?id=com.maxieds.chameleonminilivedebugger&hl=en_US
Scores
CVSS v3
9.3
EPSS
0.0132
EPSS Percentile
67.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Details
CWE
CWE-506
Status
published
Products (1)
chameleon_mini_live_debugger_project/chameleon_mini_live_debugger
1.1.6
Published
Aug 28, 2020
Tracked Since
Feb 18, 2026