CVE-2022-39259

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-39259

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39259.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-39259

Aliases

GHSA-3r7j-8mqh-6qhx

Published

2022-10-21T23:15:09Z

Modified

2024-05-14T12:13:33.849827Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds.

References

https://github.com/skylot/jadx/security/advisories/GHSA-3r7j-8mqh-6qhx

Affected packages

Git / github.com/skylot/jadx

Affected ranges

Type: GIT
Repo: https://github.com/skylot/jadx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6844a46c93a4c911196b47ad3492da15935711b9

Affected versions

v0.*

v0.4

v0.4.1

v0.5.0

v0.5.0-beta1

v0.5.1

v0.5.2

v0.5.4

v0.6.0

v0.6.1

v0.7.1

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.1.0

v1.2.0

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4