UVCAndroid icon indicating copy to clipboard operation
UVCAndroid copied to clipboard
verified publisher icon shiyinghan

Potential Vulnerability in Cloned Code

Open tabudz opened this issue 1 month ago • 0 comments

Summary

Our tool detected a potential vulnerability in libuvccamera/src/main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c which was cloned from likema/yajl but did not receive the security patch applied in likema/yajl. The original issue was reported and fixed under https://nvd.nist.gov/vuln/detail/cve-2023-33460.

Proposed Fix

Apply the same patch as the one in likema/yajl to eliminate the vulnerability.

Reference

https://nvd.nist.gov/vuln/detail/cve-2023-33460 https://github.com/likema/yajl/commit/31531a6e6b5641398237ce15b7e62da02d975fc6

tabudz avatar Nov 24 '25 08:11 tabudz