The file names constructed within image_picker are missing sanitization checks leaving them vulnerable to malicious document providers. Rated low severity (CVSS 2.1). No vendor patch available.
Information Disclosure
Image Picker Android
Android
NVD
GitHub
CVSS 4.0
2.1
EPSS
0.0%
The file names constructed within file_selector are missing sanitization checks leaving them vulnerable to malicious document providers. Rated low severity (CVSS 2.1). No vendor patch available.
Information Disclosure
File Selector Android
Android
NVD
GitHub
CVSS 4.0
2.1
EPSS
0.0%