Apktool Security Update Advisory (CVE-2024-21633)

Jan 03 2024

Overview

An update has been made available to address a vulnerability in Apktool. Users of affected versions are advised to update to the latest version.

Affected Products

All versions of Apktool 2.9.1 and earlier

Resolved Vulnerabilities

Arbitrary file write on decode vulnerability in Apktool (CVE-2024-21633)

Vulnerability Patches

Vulnerability patches were made available in the January 3 update. Please follow the instructions on the reference site to update to the latest vulnerability patch version.

Apktool 2.9.2 version

Referenced Sites

[1] CVE-2024-21633 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-21633
[2] Prevent arbitrary file writes with malicious resource names. (#3484)
https://github.com/iBotPeaches/Apktool/commit/d348c43b24a9de350ff6e5bd610545a10c1fc712
[3] Arbitrary file write on Decoding
https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Dr.Soft NetClient6 Product Security Update Advisory