Osmand
1 CVEs
product
Monthly
Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XXE
Osmand
NVD
GitHub
CVSS 3.1
9.1
EPSS
1.3%
EPSS 1%
CVSS 9.1
CRITICAL
POC
Act Now
Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XXE
Osmand
NVD
GitHub