13 matches found
EUVD-2020-0784
Malware in sbrugna...
EUVD-2018-0457
Malware in sbrugna...
Man In The Middle (MitM)
node-apk-parser is vulnerable to man-in-the-middle MitM attacks. This is because the library downloads binaries via HTTP, allowing MitM attacks. It may also cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or...
Downloads Resources over HTTP in apk-parser
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
GHSA-5G4R-87V2-JQVX Downloads Resources over HTTP in apk-parser
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10574
apk-parser3 before 0.1.3 downloads binary resources over HTTP, enabling MITM tampering and potential remote code execution if an attacker can swap the binary between the user and the server. Affected component: apk-parser3 (Android Manifest extraction feature). Impact per sources: code execution ...
CVE-2016-10564
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10564
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
Remote code execution
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10564
apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10564
The CVE-2016-10564 entry concerns apk-parser (affects versions below 0.1.6) that downloads binaries over HTTP. The underlying issue is exposure to MITM attacks, with potential remote code execution if an attacker can swap the downloaded binary while the user is on the network or between the user ...
Man In The Middle (MitM)
apk-parser is vulnerable to man-in-the-middle MitM attacks. This is because the library downloads binaries via HTTP, allowing MitM attacks. It may also cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or...
Downloads Resources over HTTP
Overview apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...