v4.3.2

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

MobSF/Mobile-Security-Framework-MobSF·

21k3.6kJavaScriptGPL-3.0

·Website

android-securityapi-testingapkcwedevsecopsdynamic-analysis+13

Last updated 3 days ago

v4.3.2 Changelog

Features or Enhancements
- Added support for user defined SSO Maintainer or Viewer role mapping
- Dependency updates
Security
- Fixed Partial Denial of Service due to strict regex check in iOS report view URL
- Fixed Local Privilege escalation due to leaked REST API key in web UI
- Fixed Stored Cross-Site Scripting in iOS dynamic_analysis view via bundle id
- Improved anti-SSRF checks and added extra checks in firebase and asset link check
Bug Fixes
- Bug fix in docker build poetry cache clean
- Fix CI builds on mac
- Fix frida server download proxy SSL verify configuration

What's Changed

[SECURITY] Security update to fix vulnerabilities reported by Positive Technologies researchers by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2488
Saml group mapping by @Antiksec in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2487
March 25 QA by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2504
[SECURITY] Improve SSRF checks, strict path check for well_known_path by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2510

New Contributors

@Antiksec made their first contribution in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2487

Full Changelog: https://github.com/MobSF/Mobile-Security-Framework-MobSF/compare/v4.3.0...v4.3.2

v4.3.2 Changelog

Features or Enhancements
- Added support for user defined SSO Maintainer or Viewer role mapping
- Dependency updates
Security
- Fixed Partial Denial of Service due to strict regex check in iOS report view URL
- Fixed Local Privilege escalation due to leaked REST API key in web UI
- Fixed Stored Cross-Site Scripting in iOS dynamic_analysis view via bundle id
- Improved anti-SSRF checks and added extra checks in firebase and asset link check
Bug Fixes
- Bug fix in docker build poetry cache clean
- Fix CI builds on mac
- Fix frida server download proxy SSL verify configuration

What's Changed

[SECURITY] Security update to fix vulnerabilities reported by Positive Technologies researchers by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2488
Saml group mapping by @Antiksec in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2487
March 25 QA by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2504
[SECURITY] Improve SSRF checks, strict path check for well_known_path by @ajinabraham in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2510

New Contributors

@Antiksec made their first contribution in https://github.com/MobSF/Mobile-Security-Framework-MobSF/pull/2487

Full Changelog: https://github.com/MobSF/Mobile-Security-Framework-MobSF/compare/v4.3.0...v4.3.2

Mobile-Security-Framework-MobSF

v4.3.2 Changelog

What's Changed

New Contributors

More JavaScript Projects

react

next.js

30-seconds-of-code

node

v4.3.2

v4.3.2 Changelog

What's Changed

New Contributors

More JavaScript Projects

react

next.js

30-seconds-of-code

node