CNNVD-202508-2119 Information

CNNVD ID

CNNVD-202508-2119

Related CVE

CVE-2025-9134

• CNNVD Published: 2025-08-19

Description (Chinese)

AfterShip Package Tracker App是新加坡AfterShip公司的一个快递查询APP。 AfterShip Package Tracker App 5.24.1及之前版本存在安全漏洞，该漏洞源于AndroidManifest.xml组件导出不当，可能导致本地攻击。

Description (English)

AfterShip Package Tracker App is a courier from AfterShip Singapore. The security loophole in the AfterShip Package Tracker App 5.24.1 and earlier versions stems from the inappropriate export of Android Manifest.xml components, which could lead to local attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

AfterShip

Published

2025-08-19

Last Modified

2026-02-24

References

https://vuldb.com/?id.320514 https://vuldb.com/?submit.615253 https://github.com/KMov-g/androidapps/blob/main/com.aftership.AfterShip.md#steps-to-reproduce https://vuldb.com/?ctiid.320514 https://nvd.nist.gov/vuln/detail/CVE-2025-9134 https://access.redhat.com/security/cve/cve-2025-9134

Patch

https://www.aftership.com/