CVE-2024-54462

The file names constructed within imagepicker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could...

CVE-2024-54462 Unsanitized Filenames in Flutter package image_picker_android Allow File Overwrites

The file names constructed within imagepicker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could...

image_picker_android 安全漏洞

imagepickerandroid is a Flutter package open-sourced by Flutter. A security vulnerability exists in imagepickerandroid versions 0.8.5+6 through 0.8.12+17, which stems from a lack of cleanup checks on filenames, and makes it vulnerable to malicious document providers...

file_selector_android 安全漏洞

fileselectorandroid is a Flutter package open-sourced by Flutter. A security vulnerability exists in fileselectorandroid versions 0.5.1 through 0.5.1+11, which stems from a lack of cleanup checks on filenames and makes it vulnerable to malicious document providers...

PT-2025-3026 · Unknown · Image Picker Android +1

Name of the Vulnerable Software and Affected Versions: image picker versions prior to 0.8.12+18 image picker android versions prior to 0.8.12+18 Description: The file names constructed within image picker are missing sanitization checks, leaving them vulnerable to malicious document providers. Th...