Best answer by Dhanushki Pahathkumbure
View original
IFS Field Service using unsecure functions on android
Userlevel 3
+6
We have observed IFS Field Service using unsecure functions on android. The mobile application is using com.aviary.android.feather.common.utils.IOUtils.unzipEntry in an unsecure way. See https://support.google.com/faqs/answer/9294009 for specs on how to fix the issue. We are using FSM 5.7. update 6. Do you have any idea if this has been looked in already?
Userlevel 4
+15
This issue identified by Google is in an unused library contained with the third party Aviary SDK and does not pose a security risk. The FSM Mobile solution uses that SDK only to allow users to edit attached images.
This third party Aviary SDK and does not pose a security risk. The FSM Mobile solution uses that SDK only to allow users to edit attached images.
Reply
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.