Vulnerability	Vulnerable Version
L Directory Traversal Affected versions of this package are vulnerable to Directory Traversal due to an escape problem with the `style` file during the parsing of a resource file. An attacker can overwrite other files in the directory where the decompile result is saved by modifying the type of a malicious file to `style` and tricking the software into processing it as such. This manipulation involves changing the original filename in a way that causes the software to save the decompiled result in an unintended location. How to fix Directory Traversal? Upgrade `io.github.skylot:jadx-core` to version 1.5.0 or higher.	[,1.5.0)
H Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) when using jadx-gui to open a special zip file with entry containing HTML sequence like `<html><frame>`, which will cause the interface to get stuck. How to fix Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)? Upgrade `io.github.skylot:jadx-core` to version 1.4.5 or higher.	[,1.4.5)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal due to an escape problem with the style file during the parsing of a resource file. An attacker can overwrite other files in the directory where the decompile result is saved by modifying the type of a malicious file to style and tricking the software into processing it as such. This manipulation involves changing the original filename in a way that causes the software to save the decompiled result in an unintended location.

How to fix Directory Traversal?

Upgrade io.github.skylot:jadx-core to version 1.5.0 or higher.

[,1.5.0)

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) when using jadx-gui to open a special zip file with entry containing HTML sequence like <html><frame>, which will cause the interface to get stuck.

How to fix Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)?

Upgrade io.github.skylot:jadx-core to version 1.4.5 or higher.

[,1.4.5)

Go back to all versions of this package