Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ExpandApk function. An attacker can cause excessive resource consumption by providing a specially crafted, highly-compressed .apk stream that decompresses into a large tar...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Split function. An attacker can cause excessive CPU consumption and resource exhaustion by supplying a malicious APK stream that triggers unbounded gzip inflation. Remediation...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the dirFS filesystem abstraction. An attacker can perform unauthorized filesystem writes outside the intended base directory by supplying a crafted APK package containing malicious directory or symlink entrie...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which originates in LoadedPackage::Load in LoadedArsc.cpp, and due to a lack of boundary checking, an out-of-bounds read may occur. read. An attacker...