Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary Code execution in Car App Android Jetpack Library
Vulnerability Description
There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to install a malicious application on victims device to be able to attack any application that uses vulnerable library. We recommend upgrading the library past version 1.7.0-beta02.
CVSS Information
N/A
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Google Car App 安全漏洞
Vulnerability Description
Google Car App是美国谷歌(Google)公司的一个骑车应用程序库。 Google Car App存在安全漏洞,该漏洞源于存在代码执行漏洞,可能导致任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A