razorpay / react-native-razorpay

React Native wrapper for Razorpay's mobile SDKs
https://www.npmjs.com/package/react-native-razorpay
MIT License
124 stars 107 forks

Vulnerability APK Version(s) Deadline to fix Intent Redirection. Your app(s) are vulnerable to Intent Redirection. #439

Closed kishanpatelstrauss closed 1 year ago

kishanpatelstrauss commented 1 year ago

react-native : 0.67.2

react-native-razorpay : 2.2.9 and 2.3.0

When I publish the Android App Bundle on the Play Store, it throws this message from the Google app store:

Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.

Vulnerability APK Version(s) Deadline to fix

Intent Redirection

Your app(s) are vulnerable to Intent Redirection.

com.razorpay.b_J.onReceive

To confirm you’ve upgraded correctly, submit the updated version of your app to the Play Console and check back after five hours. We’ll show a warning message if the app hasn’t been updated correctly.

While these vulnerabilities may not affect every app, it’s best to stay up to date on all security patches.

If you have technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” For clarification on steps you need to take to resolve this issue, you can contact our developer support team.

Best,

The Google Play Team

vivekshindhe commented 1 year ago

@kishanpatelstrauss Hey, thanks for reaching out regarding this. This is already being tracked in another issue, here. Please follow that thread for updates. A new version has been released as well. Closing this ticket.

kishanpatelstrauss commented 1 year ago

OK. I will reinstall react-native-razorpay and then publish the Android App Bundle on the Play Store.

vivekshindhe commented 1 year ago

@kishanpatelstrauss do remember to remove the version which threw this error out of the track. Else it will throw the same error again.

rajeshde commented 1 year ago

@vivekshindhe I understand that this is off topic for this issue thread, but can you mention how to remove the previous version from the track before submitting an updated version? I couldn't find any way to delete/remove the track.

vivekshindhe commented 1 year ago

@rajeshde Hey, looks like due to the new changes that is not possible anymore. Tried looking at multiple things. In any case, try uploading the newer aab with the updated version.

rajeshde commented 1 year ago

@vivekshindhe I have actually updated with a new aab with an updated version, but I still got the error from Google.

nb-immosnapp commented 1 year ago

Any update here?? @vivekshindhe

vivekshindhe commented 1 year ago

@nb-immosnapp We have covered the vulnerability in the SDK and followed the steps from Google remedy page. Could you please reach out to their help desk and see what the issue is? We are looking from our end as well.

nb-immosnapp commented 1 year ago

> @nb-immosnapp We have covered the vulnerability in the SDK and followed the steps from Google remedy page. Could you please reach out to their help desk and see what the issue is? We are looking from our end as well.

Okay, let me check from their end as well. I will ask for help. Thanks!

nirav-infostretch commented 1 year ago

Hi @vivekshindhe,

We are using:

react-native-razorpay : 2.2.9

react-native : 0.64.4

com.razorpay:checkout : 1.6.28

We have uploaded a new bundle, but it is still rejected by the Play Store. Can you please help us?

This is the rejection reason we are getting from Google:

Your app contains an Intent Redirection vulnerability. Please see this Google Help Center article for details.

com.razorpay.b_J.onReceive sv:deadline:12/13/2020

vivekshindhe commented 1 year ago

@nirav-infostretch Hey, the issue has been fixed. Please reinstall the razorpay package and upload to the Play Store.

kishanpatelstrauss commented 1 year ago

Hi @vivekshindhe,

react-native : 0.67.2

react-native-razorpay : 2.3.0

I reinstalled the razorpay package and uploaded the .aab file to the Play Store. My app is published, but I got this message (Vulnerability APK Version(s) Deadline to fix Intent Redirection. Your app(s) are vulnerable to Intent Redirection.)

Thanks @vivekshindhe

vivekshindhe commented 1 year ago

Hey @kishanpatelstrauss. Looks like the SDK version internally being used in android isn't updated yet. Can you please

- remove the package,
- run `cd android && ./gradlew build`,
- install the razorpay package again,
- update the version of the aab,
- ensure you aren't making a release for older versions in the Play Store as well,

and check? This has resolved issues for everybody.