← Voltar para CVEs
CVE-2022-39259
LOW3.3
Descricao
jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds.
Detalhes CVE
Pontuacao CVSS v3.13.3
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado10/21/2022
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
jadx_project:jadx
Fraquezas (CWE)
CWE-20
Referencias
https://github.com/skylot/jadx/security/advisories/GHSA-3r7j-8mqh-6qhx(security-advisories@github.com)
https://github.com/skylot/jadx/security/advisories/GHSA-3r7j-8mqh-6qhx(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.