Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The mitigation for CVE-2024-29190 in valid_host() uses socket.gethostbyname(), which is vulnerable to SSRF abuse using DNS rebinding technique. This vulnerability is fixed in 4.3.2.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| mobsf(PyPI) | 0 | 4.3.2 | N/A |
CVSS Metrics
