CVE-2021-33057

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://arxiv.org/pdf/2205.15202.pdf", "name": "https://arxiv.org/pdf/2205.15202.pdf", "tags": [], "refsource": "MISC"}, {"url": "https://tencent.com", "name": "https://tencent.com", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location. An attacker can use qq.createMapContext to create a MapContext object, use MapContext.moveToLocation to move the center of the map to the device's location, and use MapContext.getCenterLocation to get the latitude and longitude of the current map center."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-33057", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2022-07-26T23:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-07-27T07:24Z"}