| MASVS-CODE-1 |
|
The app requires an up-to-date platform version. |
|
|
|
|
|
|
|
MASTG-TEST-0245MASTG-TEST-0245 |
References to Platform Version APIs |
platform:android |
|
profile:L2 |
|
|
newstatus:new |
| MASVS-CODE-2 |
|
The app has a mechanism for enforcing app updates. |
|
|
|
|
|
|
|
MASTG-TEST-0036MASTG-TEST-0036 |
Testing Enforced Updating |
platform:android |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0080MASTG-TEST-0080 |
Testing Enforced Updating |
platform:ios |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
| MASVS-CODE-3 |
|
The app only uses software components without known vulnerabilities. |
|
|
|
|
|
|
|
MASTG-TEST-0272MASTG-TEST-0272 |
Identify Dependencies with Known Vulnerabilities in the Android Project |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0042MASTG-TEST-0042 |
Checking for Weaknesses in Third Party Libraries |
platform:android |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0223MASTG-TEST-0223 |
Stack Canaries Not Enabled |
platform:android |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0222MASTG-TEST-0222 |
Position Independent Code (PIC) Not Enabled |
platform:android |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0274MASTG-TEST-0274 |
Dependencies with Known Vulnerabilities in the App's SBOM |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0273MASTG-TEST-0273 |
Identify Dependencies with Known Vulnerabilities by Scanning Dependency Managers Artifacts |
platform:ios |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0229MASTG-TEST-0229 |
Stack Canaries Not enabled |
platform:ios |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0230MASTG-TEST-0230 |
Automatic Reference Counting (ARC) not enabled |
platform:ios |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0228MASTG-TEST-0228 |
Position Independent Code (PIC) not Enabled |
platform:ios |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0085MASTG-TEST-0085 |
Checking for Weaknesses in Third Party Libraries |
platform:ios |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0275MASTG-TEST-0275 |
Dependencies with Known Vulnerabilities in the App's SBOM |
platform:ios |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
| MASVS-CODE-4 |
|
The app validates and sanitizes all untrusted inputs. |
|
|
|
|
|
|
|
MASTG-TEST-0002MASTG-TEST-0002 |
Testing Local Storage for Input Validation |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0025MASTG-TEST-0025 |
Testing for Injection Flaws |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0044MASTG-TEST-0044 |
Make Sure That Free Security Features Are Activated |
platform:android |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0043MASTG-TEST-0043 |
Memory Corruption Bugs |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0026MASTG-TEST-0026 |
Testing Implicit Intents |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0027MASTG-TEST-0027 |
Testing for URL Loading in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0034MASTG-TEST-0034 |
Testing Object Persistence |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0087MASTG-TEST-0087 |
Make Sure That Free Security Features Are Activated |
platform:ios |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0079MASTG-TEST-0079 |
Testing Object Persistence |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0086MASTG-TEST-0086 |
Memory Corruption Bugs |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |