The app includes an unnecessary debugging library called DebugProbesKt.bin.
DebugProbesKt.bin is a file created during development to facilitate debugging Kotlin coroutines. While it is useful during development and testing for diagnosing and resolving problems related to coroutines, it is not intended for inclusion in production builds, as it serves no functional purpose in released apps.
Business Impact
Including the DebugProbesKt.bin library with the app enables debug probes that can be used by attackers to obtain diagnostic information. These include stack-traces, memory dumps, and the potential to extract sensitive data or manipulate the app in some way.
Remediation Resources
As a general best practice, consider removing all debugging code from your production builds as it can introduce security vulnerabilities, affect performance, and increase the app's size.
To remove this library, simply exclude it from your build by adding the following snippet to the android block in your Gradle file for the app subproject:
Finding Description
The app includes an unnecessary debugging library called DebugProbesKt.bin.
DebugProbesKt.bin is a file created during development to facilitate debugging Kotlin coroutines. While it is useful during development and testing for diagnosing and resolving problems related to coroutines, it is not intended for inclusion in production builds, as it serves no functional purpose in released apps.
Business Impact
Including the DebugProbesKt.bin library with the app enables debug probes that can be used by attackers to obtain diagnostic information. These include stack-traces, memory dumps, and the potential to extract sensitive data or manipulate the app in some way.
Remediation Resources
As a general best practice, consider removing all debugging code from your production builds as it can introduce security vulnerabilities, affect performance, and increase the app's size.
To remove this library, simply exclude it from your build by adding the following snippet to the android block in your Gradle file for the app subproject:
Risk and Regulatory Information
Severity: info
Policy Category: Informational
Application
See more detail in the NowSecure Report