| MASVS-PLATFORM-1 |
|
The app uses IPC mechanisms securely. |
|
|
|
|
|
|
|
MASTG-TEST-0024MASTG-TEST-0024 |
Testing for App Permissions |
platform:android |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0030MASTG-TEST-0030 |
Testing for Vulnerable Implementation of PendingIntent |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0028MASTG-TEST-0028 |
Testing Deep Links |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0029MASTG-TEST-0029 |
Testing for Sensitive Functionality Exposure Through IPC |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0007MASTG-TEST-0007 |
Determining Whether Sensitive Stored Data Has Been Exposed via IPC Mechanisms |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0071MASTG-TEST-0071 |
Testing UIActivity Sharing |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0075MASTG-TEST-0075 |
Testing Custom URL Schemes |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0070MASTG-TEST-0070 |
Testing Universal Links |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0056MASTG-TEST-0056 |
Determining Whether Sensitive Data Is Exposed via IPC Mechanisms |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0069MASTG-TEST-0069 |
Testing App Permissions |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0072MASTG-TEST-0072 |
Testing App Extensions |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0073MASTG-TEST-0073 |
Testing UIPasteboard |
platform:ios |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
| MASVS-PLATFORM-2 |
|
The app uses WebViews securely. |
|
|
|
|
|
|
|
MASTG-TEST-0250MASTG-TEST-0250 |
References to Content Provider Access in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0032MASTG-TEST-0032 |
Testing WebView Protocol Handlers |
platform:android |
profile:L1 |
profile:L2 |
|
|
deprecatedstatus:deprecated |
|
MASTG-TEST-0253MASTG-TEST-0253 |
Runtime Use of Local File Access APIs in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0251MASTG-TEST-0251 |
Runtime Use of Content Provider Access APIs in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0031MASTG-TEST-0031 |
Testing JavaScript Execution in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0037MASTG-TEST-0037 |
Testing WebViews Cleanup |
platform:android |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0033MASTG-TEST-0033 |
Testing for Java Objects Exposed Through WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0252MASTG-TEST-0252 |
References to Local File Access in WebViews |
platform:android |
profile:L1 |
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0078MASTG-TEST-0078 |
Determining Whether Native Methods Are Exposed Through WebViews |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0077MASTG-TEST-0077 |
Testing WebView Protocol Handlers |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0076MASTG-TEST-0076 |
Testing iOS WebViews |
platform:ios |
profile:L1 |
profile:L2 |
|
|
update-pendingstatus:update-pending |
| MASVS-PLATFORM-3 |
|
The app uses the user interface securely. |
|
|
|
|
|
|
|
MASTG-TEST-0008MASTG-TEST-0008 |
Checking for Sensitive Data Disclosure Through the User Interface |
platform:android |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0035MASTG-TEST-0035 |
Testing for Overlay Attacks |
platform:android |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0258MASTG-TEST-0258 |
References to Keyboard Caching Attributes in UI Elements |
platform:android |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0010MASTG-TEST-0010 |
Finding Sensitive Information in Auto-Generated Screenshots |
platform:android |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0276MASTG-TEST-0276 |
Use of the iOS General Pasteboard |
platform:ios |
|
profile:L2 |
|
|
newstatus:new |
|
MASTG-TEST-0279MASTG-TEST-0279 |
Pasteboard Contents Not Expiring |
platform:ios |
|
profile:L2 |
|
|
placeholderstatus:placeholder |
|
MASTG-TEST-0057MASTG-TEST-0057 |
Checking for Sensitive Data Disclosed Through the User Interface |
platform:ios |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0059MASTG-TEST-0059 |
Testing Auto-Generated Screenshots for Sensitive Information |
platform:ios |
|
profile:L2 |
|
|
update-pendingstatus:update-pending |
|
MASTG-TEST-0280MASTG-TEST-0280 |
Pasteboard Contents Not Restricted to Local Device |
platform:ios |
|
profile:L2 |
|
|
placeholderstatus:placeholder |
|
MASTG-TEST-0278MASTG-TEST-0278 |
Pasteboard Contents Not Cleared After Use |
platform:ios |
|
profile:L2 |
|
|
placeholderstatus:placeholder |
|
MASTG-TEST-0277MASTG-TEST-0277 |
Sensitive Data in the iOS General Pasteboard at Runtime |
platform:ios |
|
profile:L2 |
|
|
newstatus:new |