Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Calsign APDE ZIP File CopyBuildTask.java handleExtract path traversal
Vulnerability Description
A vulnerability classified as critical has been found in Calsign APDE. This affects the function handleExtract of the file APDE/src/main/java/com/calsignlabs/apde/build/dag/CopyBuildTask.java of the component ZIP File Handler. The manipulation leads to path traversal. Upgrading to version 0.5.2-pre2-alpha is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216747.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
APDE 路径遍历漏洞
Vulnerability Description
APDE是William Smith个人开发者的一个用于在 Android 设备上创建和运行草图的处理 IDE。 APDE 0.5.2-pre2-alpha之前版本存在路径遍历漏洞,该漏洞源于组件ZIP文件处理程序中APDE/src/main/java/com/calsignlabs/apde/build/dag/CopyBuildTask.java文件的函数handleExtract存在问题,会导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A