PT-2024-20960 · Unknown · React Native Document Picker
Published
2024-02-16
·
Updated
2024-08-19
·
CVE-2024-25466
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
React Native Document Picker versions prior to 9.1.1
React Native Document Picker version 8.2.2 and earlier
Description
A Directory Traversal issue allows a local attacker to execute arbitrary code via a crafted script to the Android library component. This issue can be exploited by a local attacker.
Recommendations
For React Native Document Picker versions prior to 9.1.1, update to version 9.1.1 to resolve the issue.
For React Native Document Picker version 8.2.2 and earlier, update to version 9.1.1 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
React Native Document Picker