Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unsanitized Filenames in Flutter package file_selector_android Allow File Overwrites
Vulnerability Description
The file names constructed within file_selector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could potentially override internal files in your app cache. Issue patched in 0.5.1+12. It is recommended to update to the latest version of file_selector_android that contains the changes to address this vulnerability.
CVSS Information
N/A
Vulnerability Type
相对路径遍历
Vulnerability Title
file_selector_android 安全漏洞
Vulnerability Description
file_selector_android是Flutter开源的一个 Flutter 软件包。 file_selector_android 0.5.1至0.5.1+11版本存在安全漏洞,该漏洞源于文件名缺少清理检查,容易受到恶意文档提供程序的攻击。
CVSS Information
N/A
Vulnerability Type
N/A