Change theme
Help
Press space for more information.
Show links for this issue (Shortcut: i, l)
Copy issue ID
Previous Issue (Shortcut: k)
Next Issue (Shortcut: j)
Sign in to use full features.
Vote: I am impacted
Notification menu
Refresh (Shortcut: Shift+r)
Go home (Shortcut: u)
Pending code changes (auto-populated)
View issue level access limits(Press Alt + Right arrow for more information)
Attachment actions
Unintended behavior
View staffing
Description
Hello, in a security audit we found an instance of insecure Random Number Generator.
File androidx/activity/result/ActivityResultRegistry.java near line 25:
This is the report we got:
Category Cryptography and Insecure Storage
Testing Method Black Box
Tools Used Apktool, dex2jar, jd-gui
Component used: Activity
Version used: 1.8
Devices/Android versions reproduced on: Android api 31.
If this is a bug in the library, we would appreciate if you could attach:
- Sample project to trigger the issue.
- A screenrecord or screenshots showing the issue (if UI related).