Lucene search

K
githubGitHub Advisory DatabaseGHSA-FJH6-P566-WR6Q
HistoryJul 21, 2022 - 10:35 p.m.

skylot jadx affected by Incorrect Behavior Order in vulnerable dependency

2022-07-2122:35:12
CWE-696
GitHub Advisory Database
github.com
17

Impact

Vulnerable library protobuf-java 3.11.4 (CVE-2021-22569)

Patches

Dependency updated in jadx 1.4.3

References

According to the AquaSecurity report:
05F1C52A666E4FCC844ABD085BD55124

Also, Maven repository have links to this and other vulnerabilities from dependencies:
https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java/3.11.4

CPENameOperatorVersion
io.github.skylot:jadx-corele1.4.2