VYPR

Apktool

by Ibotpeaches

Source repositories

CVEs (3)

  • CVE-2026-39973HigApr 21, 2026
    risk 0.39cvss 7.1epss 0.00

    Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in `brut/androlib/res/decoder/ResFileDecoder.java` allows a maliciously crafted APK to write arbitrary files to the filesystem during standard decoding…

  • CVE-2024-24482Feb 2, 2024
    risk 0.00cvss epss 0.01

    Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal.

  • CVE-2024-21633Jan 3, 2024
    risk 0.00cvss epss 0.01

    Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected…