Android : Location data usage

Classification

OWASP Mobile Top 10 2014

M4-Unintended Data Leakage

OWASP Mobile Top 10 2016

M3-Insecure Communication

OWASP MASVS

V6: 6.1.(L1/L2/L1+R/L2+R)

CWE

CWE-250

CWE/SANS Top 25 2011

CWE-250

Overview

The application uses the information about the device location received from GPS. When working incorrect with such information, the application can compromise user privacy.

Applications that process GPS data must take precautions to prevent violation of the confidentiality of this information.

References

Location Strategies - developer.android.com
OWASP Top 10 2013-A6-Sensitive Data Exposure
CWE-250: Execution with Unnecessary Privileges

MEDIUM

Android : Location data usage

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Android : Location data usage in your application?

See also

Android : Debug mode on

Android : Error handling: generic exception

Android : HTTP usage