Safety vulnerability ID: 71898
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In affected versions, MobSF does not perform any input validation when extracting the hostnames in `android:host`, so requests can also be sent to local hostnames. This can lead to server-side request forgery. An attacker can cause the server to make a connection to internal-only services within the organization's infrastructure.
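The missing check described above can be illustrated with a host filter that runs before any request is made. This is an added example, not MobSF's code or its actual fix; the function names, the injectable `resolver` parameter, and the sample manifest are constructed for illustration.

```python
import ipaddress
import socket
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (not taken from a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <application><activity android:name=".Main">
    <intent-filter>
      <data android:scheme="https" android:host="example.com"/>
      <data android:scheme="https" android:host="127.0.0.1"/>
      <data android:scheme="https" android:host="localhost"/>
      <data android:scheme="https" android:host="192.168.1.10"/>
    </intent-filter>
  </activity></application>
</manifest>"""

def extract_hosts(manifest_xml):
    """Return every android:host value found on <data> elements."""
    root = ET.fromstring(manifest_xml)
    return [d.get(ANDROID_NS + "host") for d in root.iter("data")
            if d.get(ANDROID_NS + "host")]

def system_resolver(host):
    """Default resolver: all addresses the OS returns for host."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_host(host, resolver=system_resolver):
    """True only if every address the host maps to is globally routable."""
    try:
        addrs = [ipaddress.ip_address(host)]        # host is an IP literal
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
        except (OSError, ValueError):
            return False                             # unresolvable: fail closed
    return bool(addrs) and all(a.is_global for a in addrs)

def filter_hosts(manifest_xml, resolver=system_resolver):
    """Split manifest hosts into (allowed, blocked) before any request is sent."""
    allowed, blocked = [], []
    for host in extract_hosts(manifest_xml):
        (allowed if is_public_host(host, resolver) else blocked).append(host)
    return allowed, blocked
```

A name can resolve differently between the check and the request, so the outbound connection should go to the address that was validated rather than re-resolving the hostname.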
Latest version: 0.4.5
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. It supports Java, Kotlin, Swift, and Objective C code.