Hluwa

**Name of the Vulnerable Software and Affected Versions** Apple Music versions prior to 4.2.0 **Description** The issue is related to insufficient access control in the Apple Music app for Android, which may allow an app to access a user's contacts. This could potentially lead to the disclosure of user contact information. **Recommendations** For versions prior to 4.2.0, update to Apple Music 4.2.0 for Android to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Music versions prior to 3.9.10 **Description** The issue allows an app to potentially access user-sensitive data due to inadequate state management. This has been addressed with improved state management. **Recommendations** For versions prior to 3.9.10, update to Apple Music 3.9.10 for Android to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Galaxy Store versions prior to 4.5.40.5 **Description** The issue is related to improper sanitization of incoming intent in Galaxy Store, allowing local attackers to access privileged content providers as Galaxy Store permission. **Recommendations** For Galaxy Store versions prior to 4.5.40.5, update to version 4.5.40.5 or later to resolve the issue.