CVE-2020-36628
CVSS V2 None
CVSS V3 None
Description
A vulnerability classified as critical has been found in Calsign APDE. This affects the function handleExtract of the file APDE/src/main/java/com/calsignlabs/apde/build/dag/CopyBuildTask.java of the component ZIP File Handler. The manipulation leads to path traversal. Upgrading to version 0.5.2-pre2-alpha is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216747.
Overview
- CVE ID
- CVE-2020-36628
- Assigner
- cna@vuldb.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-25T11:15:10
- Last Modified Date
- 2023-01-05T14:54:28
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:*:*:*:*:*:android:*:* | 1 | OR | 0.5.2 | |
cpe:2.3:a:android_processing_development_environment_project:android_processing_development_environment:0.5.2:pre1_alpha:*:*:*:android:*:* | 1 | OR |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2020-36628 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36628 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-12-25 12:16:03 | Added to TrackCVE | |||
2022-12-25 12:16:04 | Weakness Enumeration | new | ||
2022-12-27 14:15:41 | 2022-12-27T13:48:11 | CVE Modified Date | updated | |
2022-12-27 14:15:41 | Received | Awaiting Analysis | Vulnerability Status | updated |
2022-12-27 14:15:45 | CVSS V3 information | new | ||
2022-12-29 19:14:29 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
2022-12-29 19:14:32 | CVSS V3 information | new | ||
2023-01-05 15:16:50 | 2023-01-05T14:54:28 | CVE Modified Date | updated | |
2023-01-05 15:16:50 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
2023-01-05 15:16:51 | CPE Information | updated | ||
2023-01-05 15:16:51 | CVSS V3 information | new |