Python mobsfscan package security update advisory

Overview

 

An update has been made available to address a vulnerability in the Python mobsfscan package. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

mobsfscan

  • mobsfscan versions: <= 0.3.7 (inclusive)
  • mobsfscan versions: 0.3.8 (exclusive) to 3.9.5 Beta (inclusive)

 

 

Resolved Vulnerabilities

 

SSRF vulnerability in assetlinks_check(act_name, well_knowns) in mobsfscan (CVE-2024-29190)

 

Vulnerability Patches

 

Vulnerability patches were made available in the March 23, 2024 update. Please follow the instructions on the Referenced Sites to update to the latest patched version.

 

mobsfscan versions 0.3.8, 3.9.7

 

Referenced Sites

 

[1] CVE-2024-29190 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-29190

[2] SSRF Vulnerability on assetlinks_check(act_name, well_knowns)

https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-wfgj-wrgh-h3r3

[3] HOTFIX:[SECURITY] Fix GHSA-wfgj-wrgh-h3r3, dep bump, docker build qa

https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/5a8eeee73c5f504a6c3abdf2a139a13804efdb77