Vulnerability Details CVE-2020-36628
A vulnerability classified as critical has been found in Calsign APDE. This affects the function handleExtract of the file APDE/src/main/java/com/calsignlabs/apde/build/dag/CopyBuildTask.java of the component ZIP File Handler. The manipulation leads to path traversal. Upgrading to version 0.5.2-pre2-alpha is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216747.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.3%
CVSS Severity
CVSS v3 Score 5.5
References
- https://github.com/Calsign/APDE/commit/c6d64cbe465348c1bfd211122d89e3117afadecf
- https://github.com/Calsign/APDE/releases/tag/v0.5.2-pre2-alpha
- https://vuldb.com/?id.216747
- https://github.com/Calsign/APDE/commit/c6d64cbe465348c1bfd211122d89e3117afadecf
- https://github.com/Calsign/APDE/releases/tag/v0.5.2-pre2-alpha
- https://vuldb.com/?id.216747
Products affected by CVE-2020-36628
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.1.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.1.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.2.0cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.2.0
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.2.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.2.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.2.2cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.2.2
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.2.3cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.2.3
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.2.4cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.2.4
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.3.0cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.3.0
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.3.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.3.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.3.2cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.3.2
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.3.3cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.3.3
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.4.0cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.4.0
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.4.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.4.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.5.0cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.5.0
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.5.1cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.5.1
-
Android Processing Development Environment Project » Android Processing Development Environment » Version: 0.5.2cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.5.2