Описание
jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.5 (исключая)
cpe:2.3:a:jadx_project:jadx:*:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
3.3 Low
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Jadx-gui vulnerable to swing HTML Denial of Service (DoS) attack
EPSS
Процентиль: 17%
0.00055
Низкий
3.3 Low
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-20
NVD-CWE-noinfo