v4.0.7
v4.0.7 Changelog
-
Features or Enhancements
- Support Authentication & Authorization in MobSF
- Added support for SSO + Okta SSO Documentation
- Promoted from Beta to Stable since v4.0.0
- Added Pagination support for recent scans
- Added support for scanning AAB with MobSF
- Convert AAB to APK for scanning
- Dockerfile QA
- Prevent docker container exits on volume mount
- Android Frida root bypass and debugger bypass scripts improvements
- Added a new Android SAST Rule
android_webview_allow_file_from_url
- Deeplink Trigger Support for Android Dynamic Analyzer
- Added support for real time scan status and scan logs in scan report, REST API exposed
- Add support for numeric iOS Bundle ID
- General Code QA
- Dependency Bump
-
Security
- Fixed an SSRF in firebase db check in MobSF <=3.9.7
- Fixes a zip slip vulnerability in MobSF <= 4.0.6 affecting AR archive extraction
What's Changed
- [SECURITY] Fixes an SSRF vulnerability report from positive technologies by @ajinabraham in #2373
- Update README.md by @ajinabraham in #2383
- fix IP2Location error by @ohyeah521 in #2372
- Update SUPPORT.md by @ajinabraham in #2384
- [EFR] AuthZ and AuthN for MobSF + Bug Fixes by @ajinabraham in #2366
- [EFR] SSO Support + Okta SSO Documentation by @ajinabraham in #2389
- [HOTFIX] SSO Support hosts behind proxy by @ajinabraham in #2390
- feat(page): recent scans add page jumper by @miaoyc666 in #2348
- [HOTFIX] Support AAB with MobSF, Convert AAB to APK, Fixes #2387 by @ajinabraham in #2391
- [HOTFIX] Code QA by @ajinabraham in #2393
- [HOTFIX] AppSec PNW 2024, Deeplink Trigger Support for Android Dynamic Analyzer by @ajinabraham in #2402
- [HOTFIX] SECURITY.md by @ajinabraham in #2418
- [EFR] Realtime Scan status and logs by @ajinabraham in #2416
- [SECURITY][HOTFIX] Fixes GHSA-4hh3-vj32-gr6j by @ajinabraham in #2421
- [HOTFIX] Bump deps by @ajinabraham in #2426
- Check for internet before attempting to download APK by @ayushmanchhabra in #2422
- [HOTFIX] dep bups + Fix #2424 by @ajinabraham in #2431
New Contributors
- @miaoyc666 made their first contribution in #2348
- @ayushmanchhabra made their first contribution in #2422
Full Changelog: v3.9.7...v4.0.7