Vulnerabilities > CVE-2024-25466 - Unspecified vulnerability in React-Native-Documents Document Picker
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component.
Vulnerable Configurations
References
- https://github.com/FixedOctocat/CVE-2024-25466/tree/main
- https://github.com/FixedOctocat/CVE-2024-25466/tree/main
- https://github.com/rnmods/react-native-document-picker/blob/0be5a70c3b456e35c2454aaf4dc8c2d40eb2ab47/android/src/main/java/com/reactnativedocumentpicker/RNDocumentPickerModule.java
- https://github.com/rnmods/react-native-document-picker/blob/0be5a70c3b456e35c2454aaf4dc8c2d40eb2ab47/android/src/main/java/com/reactnativedocumentpicker/RNDocumentPickerModule.java