Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

uCrop — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in uCrop, with AI-generated Chinese analysis, references, and POCs.

Vendor: Yalantis

CVE IDTitleCVSSSeverityPublished
CVE-2025-14517 Yalantis uCrop AndroidManifest.xml UCropActivity  improper export of android application components CWE-926 5.3 Medium2025-12-11
CVE-2025-14516 Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery CWE-918 6.3 Medium2025-12-11

All 2 known CVE vulnerabilities affecting uCrop with full Chinese analysis, references, and POCs where available.