Security: MobSF/Mobile-Security-Framework-MobSF
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
SSRF on assetlinks_check with DNS RebindingGHSA-fcfq-m8p6-gw56 published
Mar 29, 2025 by ajinabrahamModerate -
Local Privilege escalation due to leaked REST API key in web UIGHSA-79f6-p65j-3m2m published
Feb 5, 2025 by ajinabrahamHigh -
Partial Denial of Service due to strict regex check in iOS report view URLGHSA-jrm8-xgf3-fwqr published
Feb 5, 2025 by ajinabrahamModerate -
Stored Cross-Site Scripting in iOS dynamic_analysis view via `bundle` idGHSA-cxqq-w3x5-7ph3 published
Feb 5, 2025 by ajinabrahamHigh -
Stored Cross-Site Scripting Vulnerability in Recent Scans "Diff or Compare"GHSA-5jc6-h9w7-jm3p published
Dec 3, 2024 by ajinabrahamHigh -
Zip Slip Vulnerability in .a Static Library FilesGHSA-4hh3-vj32-gr6j published
Aug 18, 2024 by ajinabrahamHigh -
Open Redirect in Login RedirectGHSA-8m9j-2f32-2vx4 published
Jul 31, 2024 by ajinabrahamModerate -
SSRF in firebase database checkGHSA-wpff-wm84-x5cx published
Apr 4, 2024 by ajinabrahamModerate -
Potential Fix Bypass - [SSRF Vulnerability on assetlinks_check(act_name, well_knowns)]GHSA-m435-9v6r-v5f6 published
Mar 22, 2024 by ajinabrahamHigh -
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)GHSA-wfgj-wrgh-h3r3 published
Mar 22, 2024 by ajinabrahamHigh