VYPR

Ucrop

by Yalantis

CVEs (2)

  • CVE-2025-14516MedDec 11, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be…

  • CVE-2025-14517MedDec 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity  of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been…