4 matches found
CVE-2022-39259
jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds...
CVE-2022-39259 Jadx-gui subject to Denial of Service via Swing HTML rendering
jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds...
CVE-2022-39259
The CVE refers to Skylot Jadx (Jadx-gui) prior to version 1.4.5, where opening a ZIP containing an HTML sequence can trigger a Denial of Service in the Swing HTML rendering. The underlying issue is a GUI-side DoS vulnerability in Jadx-gui’s HTML rendering path. The vulnerability is patched in ver...
io.github.skylot:jadx-dex-input (>=1.3.1 <=1.4.4), io.github.skylot:jadx-java-input (>=1.3.1 <=1.4.4) +2 more potentially affected by CVE-2022-39259 via io.github.skylot:jadx-plugins-api (>=1.3.1 <=1.4.4)
io.github.skylot:jadx-plugins-api MAVEN version =1.3.1, =1.3.1, =1.3.1, =1.3.1, =1.3.1, =1.4.4 Source cves: CVE-2022-39259 Source advisory: OSV:GHSA-3R7J-8MQH-6QHX...