-
### Finding Description
The application was found to be using a vulnerable version of the OkHttp library.
This indicates that an attacker could bypass certificate pinning by sending a certificate cha…
-
### Finding Description
Stack smashing protection has not been implemented in components included in the application. When an application is compiled with stack smashing protection, a known value or …
-
### Finding Description
ASLR/PIC protection is not implemented for certain components of the binary package.
ASLR (Address space layout randomization) is a security feature introduced in Android that…
-
### Finding Description
Your application is using `addJavascriptInterface()`. This may allow an attacker to execute arbitrary code on Android devices. The vulnerability is exploited by injecting Java…
-
It is detected with chrome 116.0.5845.110
It looks like https://github.com/ultrafunkamsterdam is having the same issue too.
```rs
use undetected_chromedriver::chrome;
use tokio;
#[tokio::main…
-
Acceptance criteria
- [ ] Follow up with https://www.nowsecure.com and get an account we can test an apk file with
- [ ] Test the Tonomy ID apk file
Follow up
- https://www.nowsecure.com/blog/2021/…
-
### Finding Description
Stack smashing protection has not been implemented in components included in the application. When an application is compiled with stack smashing protection, a known value or …
-
### Finding Description
ASLR/PIC protection is not implemented for certain components of the binary package.
ASLR (Address space layout randomization) is a security feature introduced in Android that…
-
### Finding Description
The app is allowing debuggable webviews. If an attacker gained access to an unlocked device, they can use those webviews to access data on the device. That data can even be in…
-
### Finding Description
Stack smashing protection has not been implemented in components included in the application. When an application is compiled with stack smashing protection, a known value or …