Closed tubeuchiha closed 2 years ago
Look at the https://nvd.nist.gov/vuln/detail/CVE-2022-23435
Parsing a GIF file in the native code of the android-gif-drawable library causes a timeout, resulting in the hosting application using CPU and becoming unresponsive.
Impact: An attacker can send a malicious GIF file to any application that uses the android-gif-drawable library, causing the app to become unresponsive until it is killed.
What are the impact surfaces by comment length ?