mobsfscan@0.0.1 vulnerabilities

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. It supports Java, Kotlin, Swift, and Objective-C code.

Direct Vulnerabilities

Known vulnerabilities in the mobsfscan package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • H: Server-Side Request Forgery (SSRF)

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. It supports Java, Kotlin, Swift, and Objective-C code.

Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF) due to improper validation of user-supplied input in the assetlinks_check function. An attacker can cause the server to make a connection to internal-only services within the organization's infrastructure by manipulating the input to include local hostnames.

How to fix Server-Side Request Forgery (SSRF)?

Upgrade mobsfscan to version 0.3.8 or higher.

Vulnerable versions: [,0.3.8)