PT-2025-3025 · Unknown · File Selector+1

Oskar-Zeinomahmalat-Sonarsource · Published 2025-01-29 · Updated 2025-01-29 · CVE-2024-54461

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions

file selector versions prior to 0.5.1+12
file selector android versions prior to 0.5.1+12

Description

The file names constructed within file selector are missing sanitization checks, leaving them vulnerable to malicious document providers. As a result, a user who has a malicious document provider installed and selects a document file from that provider while using their app could potentially have internal files in the app cache overwritten.

Recommendations

For file selector versions prior to 0.5.1+12, update to the latest version of file selector android that contains the changes to address this vulnerability. For file selector android versions prior to 0.5.1+12, update to version 0.5.1+12 or later to resolve the issue.
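
The class of check the description says was missing, shown as an added example; it is not the file selector plugin's code or its actual fix. The class name, method names, cache location and sample file names are all hypothetical and constructed for illustration.

```java
import java.io.File;
import java.io.IOException;

public final class CacheNameCheck {

    // Unsafe pattern: the provider-supplied name is joined to the cache
    // directory as-is, so "../" segments can point outside it.
    static File unchecked(File cacheDir, String displayName) {
        return new File(cacheDir, displayName);
    }

    // Hardened pattern: keep only the final path segment, reject empty and
    // dot-only names, then confirm the canonical result is still inside cacheDir.
    static File sanitized(File cacheDir, String displayName) throws IOException {
        if (displayName == null) {
            throw new IllegalArgumentException("missing file name");
        }
        String base = new File(displayName).getName();
        if (base.isEmpty() || base.equals(".") || base.equals("..")) {
            throw new IllegalArgumentException("unusable file name: " + displayName);
        }
        File target = new File(cacheDir, base);
        String root = cacheDir.getCanonicalPath() + File.separator;
        if (!target.getCanonicalPath().startsWith(root)) {
            throw new SecurityException("name escapes cache dir: " + displayName);
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Stand-in for the app cache directory (assumption for this demo).
        File cache = new File(System.getProperty("java.io.tmpdir"), "demo_app/cache");
        // Constructed sample names, as a document provider might report them.
        String[] names = {"report.pdf", "../shared_prefs/settings.xml", "..", "docs/../../notes.txt"};
        for (String name : names) {
            String safe;
            try {
                safe = sanitized(cache, name).getCanonicalPath();
            } catch (IllegalArgumentException | SecurityException e) {
                safe = "rejected (" + e.getMessage() + ")";
            }
            System.out.println(name);
            System.out.println("  unchecked -> " + unchecked(cache, name).getCanonicalPath());
            System.out.println("  hardened  -> " + safe);
        }
    }
}
```

The hardened path never leaves the cache directory: traversal segments are dropped along with any directory prefix, and a name that reduces to `..` is rejected outright.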

Fix

Path traversal

Relative Path Traversal

Weakness Enumeration

Related Identifiers

CVE-2024-54461
GHSA-R465-VHM9-7R5H

Affected Products

File Selector
File Selector Android