VYPR
Unrated severityNVD Advisory· Published Nov 10, 2022· Updated May 1, 2025

CVE-2022-36938

CVE-2022-36938

Description

DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Facebook/Redexllm-create2 versions
    before commit 3b44c64+ 1 more
    • (no CPE)range: before commit 3b44c64
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.