EUVD-2024-33582

Malicious code in bioql PyPI...

CVE-2024-10382

There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...

CVE-2024-10382

There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...

CVE-2024-10382 Arbitrary Code execution in Car App Android Jetpack Library

There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...

CVE-2024-10382

CVE-2024-10382 affects the Car App Android Jetpack Library, with vulnerable component in CarAppService deserialization logic that can construct arbitrary Java classes and enable arbitrary code execution when combined with certain deserialization gadgets. Affected versions are earlier than 1.7.0-b...

CVE-2024-10382 Arbitrary Code execution in Car App Android Jetpack Library

There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbitrary code execution when combined with specific Java deserialization gadgets. An attacker needs to...

PT-2024-16235 · Google · Car App Android Jetpack Library

Name of the Vulnerable Software and Affected Versions: Car App Android Jetpack Library versions prior to 1.7.0-beta02 Description: The issue is related to a code execution vulnerability in the Car App Android Jetpack Library. Specifically, the CarAppService uses deserialization logic that allows...

PT-2024-35: Automatic explicit deep link assignment in Android Jetpack Navigation Library

The vulnerability was identified in Android Jetpack Navigation Library in versions 2.8.1. The discovered vulnerability allows an attacker, using automatically assigned explicit deep links, to open arbitrary screens in the application and pass them arbitrary parameters Vulnerability status:...

PT-2024-41431 · Google · Android Jetpack Navigation Library

Уязвимость библиотеки для реализации навигации в приложениях Android Jetpack Navigation Library связана с неверным определением символических ссылок перед доступом к файлу. Эксплуатация уязвимости может позволить нарушителю обойти существующие ограничения безопасности, получить несанкционированно...