Unable to publish app on playstore because of vulnerability issues caused in this dependency

tcking / GiraffePlayer2

out of the box android video player（support lazy load, ListView/RecyclerView and hight performance）

Apache License 2.0

377 stars 110 forks source link

Unable to publish app on playstore because of vulnerability issues caused in this dependency #204

Open shami2812 opened 3 years ago

shami2812 commented 3 years ago

Your app contains an unsafe unzipping pattern that may lead to a Path Traversal vulnerability. Please see this Google Help Center article to learn how to fix the issue.

tcking.github.com.giraffeplayer2.LazyLoadManager.unZip

How this will be solved ?