CVE-2022-39259

medium

Description

jadx is a set of command line and GUI tools for producing Java source code from Android Dex and Apk files. versions prior to 1.4.5 are subject to a Denial of Service when opening zip files with HTML sequences. This issue has been patched in version 1.4.5. There are no known workarounds.

References

https://github.com/skylot/jadx/security/advisories/GHSA-3r7j-8mqh-6qhx

Details

Source: Mitre, NVD

Published: 2022-10-21

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024