Security alert
Your app is using a content provider with an unsafe implementation of openFile. Please see https://support.google.com/faqs/answer/7496913 for details.
Vulnerable classes:
Please fix the issue before: 08/01/49902
Any guidance on this? There’s no reference to a line of code, so I’m not sure what this is referring to.
Looks like you have plenty of time to fix this: Year 49,902? :)
Sorry, that just struck me as a funny paste-o.
plugins = { ["plugin.firebaseAuth"] = { publisherId = "tech.scotth" }, ["plugin.firebaseInvites"] = { publisherId = "tech.scotth", }, ["plugin.notifications.v2"] = { publisherId = "com.coronalabs" }, ["plugin.OneSignal"] = { publisherId = "com.onesignal", }, ["plugin.appodeal"] = { publisherId = "com.coronalabs" }, ["plugin.google.iap.v3"] = { publisherId = "com.coronalabs", supportedPlatforms = { android=true } }, ["plugin.braintonik-dialog"] = { publisherId = "com.braintonik", }, ["plugin.volumeControl"] = { publisherId = "tech.scotth", supportedPlatforms = { android=true } }, ["plugin.bassBoost"] = { publisherId = "tech.scotth", }, ["plugin.facebook.v4a"] = { publisherId = "com.coronalabs" }, },All of my apps have been marked with the same issue. A total of 7 apps. Some I have not updated since April of 2015 and the most recent one was updated about a week ago.
Do you think it is a plugin? I can see which plugins they have in common although they probably would not all be the same version of the plugin.
This is the plugin for the version that was last updated in April 2015:
plugins = { ["plugin.google.play.services"] = { publisherId = "com.coronalabs" }, ["CoronaProvider.analytics.flurry"] = { publisherId = "com.coronalabs" } },I believe it should be resolved in the latest builds. I am going to try to update one of my apps and see what it says.
https://forums.coronalabs.com/topic/70306-path-traversal-security-vulnerability-on-google-play/
It is the same issue. Building with version > 3145 removes the warning.
Looks like you have plenty of time to fix this: Year 49,902? :)
Sorry, that just struck me as a funny paste-o.
plugins = { ["plugin.firebaseAuth"] = { publisherId = "tech.scotth" }, ["plugin.firebaseInvites"] = { publisherId = "tech.scotth", }, ["plugin.notifications.v2"] = { publisherId = "com.coronalabs" }, ["plugin.OneSignal"] = { publisherId = "com.onesignal", }, ["plugin.appodeal"] = { publisherId = "com.coronalabs" }, ["plugin.google.iap.v3"] = { publisherId = "com.coronalabs", supportedPlatforms = { android=true } }, ["plugin.braintonik-dialog"] = { publisherId = "com.braintonik", }, ["plugin.volumeControl"] = { publisherId = "tech.scotth", supportedPlatforms = { android=true } }, ["plugin.bassBoost"] = { publisherId = "tech.scotth", }, ["plugin.facebook.v4a"] = { publisherId = "com.coronalabs" }, },All of my apps have been marked with the same issue. A total of 7 apps. Some I have not updated since April of 2015 and the most recent one was updated about a week ago.
Do you think it is a plugin? I can see which plugins they have in common although they probably would not all be the same version of the plugin.
This is the plugin for the version that was last updated in April 2015:
plugins = { ["plugin.google.play.services"] = { publisherId = "com.coronalabs" }, ["CoronaProvider.analytics.flurry"] = { publisherId = "com.coronalabs" } },I believe it should be resolved in the latest builds. I am going to try to update one of my apps and see what it says.
https://forums.coronalabs.com/topic/70306-path-traversal-security-vulnerability-on-google-play/
It is the same issue. Building with version > 3145 removes the warning.