CVE-2022-4725

Name of the Vulnerable Software and Affected Versions AWS SDK version 2.59.0

Description A critical issue affects the function XpathUtils of the file aws-android-sdk-core/src/main/java/com/amazonaws/util/XpathUtils.java of the component XML Parser. The manipulation leads to server-side request forgery.

Recommendations Upgrade to version 2.59.1 to address this issue. As a temporary workaround, consider restricting the use of the XpathUtils function until the patch is applied.