2 matches found
CVE-2024-54462 Unsanitized Filenames in Flutter package image_picker_android Allow File Overwrites
The file names constructed within imagepicker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could...
CVE-2024-54461 Unsanitized Filenames in Flutter package file_selector_android Allow File Overwrites
The file names constructed within fileselector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could...