Homepage
About Snyk

logkitty@0.4.2 vulnerabilities

Display pretty Android and iOS logs without Android Studio or Console.app, with intuitive Command Line Interface.

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the logkitty package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Remote Code Execution (RCE)

logkitty is a Display pretty Android and iOS logs without Android Studio or Console.app, with intuitive Command Line Interface.

Affected versions of this package are vulnerable to Remote Code Execution (RCE). The issue occurs because user input is formatted inside a command that will be executed without any sanitization.

PoC

logkitty android app 'test; touch HACKED'

How to fix Remote Code Execution (RCE)?

Upgrade logkitty to version 0.7.1 or higher.

<0.7.1
Go back to all versions of this package