CVE-2023-35670

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Google Android elevation of privilege vulnerability (CNVD-2023-55380)

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android, which stems from the FileUtils.java component's extractRelativePath store failing to correctly filter special elements in the path of a resource or file, whi...

CVE-2023-21093

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21093

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Path traversal

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21093

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-21093

CVE-2023-21093 concerns a path traversal in Android’s FileUtils.extractRelativePath that can let an attacker access files in directories belonging to other apps, enabling local elevation of privilege with no extra execution privileges and no user interaction. The vulnerability affects Android 11–...

PT-2023-17887 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A path traversal error in the extractRelativePath function of FileUtils.java allows access to files in a directory belonging to other applications. This issue could lead to local...

CVE-2022-3969 OpenKM FileUtils.java getFileExtension temp file

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...