应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
AInfluencers v31.1.4
51
安全评分
安全基线评分
51/100
低风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
2
高危
21
中危
3
信息
2
安全
隐私风险评估
1
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
2
中危安全漏洞
21
安全提示信息
3
已通过安全项
2
重点安全关注
0
高危安全漏洞 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/freshchat/consumer/sdk/activity/ArticleDetailActivity.java, line(s) 369,15 com/freshchat/consumer/sdk/activity/BotFaqDetailsActivity.java, line(s) 118,12 com/freshchat/consumer/sdk/activity/FAQDetailsActivity.java, line(s) 132,11 com/reactnativecommunity/webview/RNCWebViewManagerImpl.java, line(s) 490,17
高危安全漏洞 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/nimbusds/jose/crypto/impl/AESCBC.java, line(s) 31 com/nimbusds/jose/jca/JCASupport.java, line(s) 174
中危安全漏洞 Broadcast Receiver (com.dieam.reactnativepushnotification.modules.RNPushNotificationBootEventReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.dieam.reactnativepushnotification.modules.RNPushNotificationListenerService) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (io.invertase.firebase.messaging.ReactNativeFirebaseMessagingReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (app.notifee.core.NotificationReceiverActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (app.notifee.core.AlarmPermissionBroadcastReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/ainfluencers/BuildConfig.java, line(s) 13,4,15 com/dieam/reactnativepushnotification/modules/RNPushNotificationHelper.java, line(s) 42 com/freshchat/consumer/sdk/beans/Message.java, line(s) 519 com/freshchat/consumer/sdk/beans/PlaceHolderMeta.java, line(s) 50 com/freshchat/consumer/sdk/beans/fragment/TemplateFragment.java, line(s) 40 com/microsoft/codepush/react/CodePushConstants.java, line(s) 5,32,7,8,20,29,21,13,19,27,28,22,23,26,30,24 com/microsoft/codepush/react/CodePushTelemetryManager.java, line(s) 13,18,22,15,17,20,21,23 com/nimbusds/jose/HeaderParameterNames.java, line(s) 13 com/nimbusds/jose/jwk/JWKParameterNames.java, line(s) 6,16,17 com/reactnative/ivpusic/imagepicker/PickerModule.java, line(s) 57,60,62 io/invertase/firebase/common/TaskExecutorService.java, line(s) 14,15 io/invertase/firebase/messaging/ReactNativeFirebaseMessagingHeadlessService.java, line(s) 13,11 io/invertase/firebase/messaging/ReactNativeFirebaseMessagingSerializer.java, line(s) 22 io/invertase/notifee/NotifeeEventSubscriber.java, line(s) 17,25 io/sentry/Baggage.java, line(s) 33 io/sentry/SpanDataConvention.java, line(s) 4,5,8,9,15,17,16,20,18 io/sentry/TraceContext.java, line(s) 25 io/sentry/protocol/User.java, line(s) 41 net/time4j/tz/spi/WinZoneProviderSPI.java, line(s) 26
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/freshchat/consumer/sdk/util/as.java, line(s) 17 com/freshchat/consumer/sdk/util/cc.java, line(s) 153 com/learnium/RNDeviceInfo/RNDeviceModule.java, line(s) 394 com/reactnative/ivpusic/imagepicker/Compression.java, line(s) 40 com/reactnative/ivpusic/imagepicker/PickerModule.java, line(s) 494,741,752 com/rnfs/RNFSManager.java, line(s) 923,839,912,914,917 com/yalantis/ucrop/util/FileUtils.java, line(s) 50 io/invertase/firebase/utils/ReactNativeFirebaseUtilsModule.java, line(s) 113,122,123,124 io/sentry/android/core/DeviceInfoUtil.java, line(s) 169
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/freshchat/consumer/sdk/c/b.java, line(s) 6,7,8,34,43,92 com/freshchat/consumer/sdk/c/e.java, line(s) 6,210 com/freshchat/consumer/sdk/c/k.java, line(s) 6,146 com/freshchat/consumer/sdk/c/l.java, line(s) 6,112,155 com/freshchat/consumer/sdk/c/n.java, line(s) 6,62,125,712,731 com/freshchat/consumer/sdk/c/w.java, line(s) 5,6,107,114,276,376
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/freshchat/consumer/sdk/util/as.java, line(s) 247 com/freshchat/consumer/sdk/util/co.java, line(s) 22 com/reactnative/ivpusic/imagepicker/PickerModule.java, line(s) 745,756 io/sentry/react/RNSentryModuleImpl.java, line(s) 781
中危安全漏洞 此应用程序可能会请求root(超级用户)权限
此应用程序可能会请求root(超级用户)权限 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: io/sentry/android/core/internal/util/RootChecker.java, line(s) 22,22,22,22,22
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/freshchat/consumer/sdk/service/c/aa.java, line(s) 8 com/freshchat/consumer/sdk/util/cc.java, line(s) 30
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/freshchat/consumer/sdk/util/cc.java, line(s) 205
中危安全漏洞 IP地址泄露
IP地址泄露 Files: com/nimbusds/jose/jwk/Curve.java, line(s) 19,20,23,24,25
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: io/sentry/util/StringUtils.java, line(s) 72
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 凭证信息=> "io.branch.sdk.BranchKey" : "key_live_neIYWHneMtnDm0U1qgHzcdpcCzp9njdL" "ANDROID_CODE_PUSH_KEY" : "LtrxI2IGjPMfD9sUXDSvpkCpa6pk4ksvOXqog" "CodePushDeploymentKey" : "LtrxI2IGjPMfD9sUXDSvpkCpa6pk4ksvOXqog" "FRESH_CHAT_APP_ID" : "fbd94ed4-b45d-4372-9fa6-51c36d7de558" "FRESH_CHAT_APP_KEY" : "1aa3b43f-3677-4834-8427-ff8db37aeb98" "IOS_CODE_PUSH_KEY" : "OYIUUo7E6BuIVWvbz35XpajUBmEB4ksvOXqog" "freshchat_file_provider_authority" : "com.ainfluencers" "google_api_key" : "AIzaSyDgy4QeaCKBHLHBZz4jASGvX_h3VUPf59Q" "google_app_id" : "1:449823831339:android:98e65aff713200dd72416e" "google_crash_reporting_api_key" : "AIzaSyDgy4QeaCKBHLHBZz4jASGvX_h3VUPf59Q" 3757180025770020463545507224491183603594455134769762486694567779615544477440556316691234405012945539562144444537289428522585666729196580810124344277578376784 55066263022277343669578718895168534326250603453777594175500187360389116729240 115792089210356248762697446949407573529996955224135760342422259061068512044369 115792089210356248762697446949407573530086143415290314195533631308867097853951 1093849038073734274511112390766805569936207598951683748994586394495953116150735016013708737573759623248592132296706313309438452531591012912142327488478985984 6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057148 115792089210356248762697446949407573530086143415290314195533631308867097853948 1ddaa4b892e61b0f7010597ddc582ed3 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643 115792089237316195423570985008687907853269984665640564039457584007908834671663 36134250956749795798585127919587881956611106672985015071877198253568414405109 24b2477514809255df232947ce7928c4 39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112316 LtrxI2IGjPMfD9sUXDSvpkCpa6pk4ksvOXqog 41058363725152142129326129780047268409114441015993725554835256314039467401291 115792089237316195423570985008687907852837564279074904382605163141518161494337 48439561293906451759052585252797914202762949526041747995844080717082404635286 fbd94ed4-b45d-4372-9fa6-51c36d7de558 27580193559959705877849011840389048093056905856361568521428707301988689241309860865136260764883745107765439761230575 32670510020758816978083085130507043184471273380659243275938904335757337482424 OYIUUo7E6BuIVWvbz35XpajUBmEB4ksvOXqog 8325710961489029985546751289520108179287853048861315594709205902480503199884419224438643760392947333078086511627871 1aa3b43f-3677-4834-8427-ff8db37aeb98 39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319 73463f9d-70de-41f8-857a-58590bdd5903 2661740802050217063228768716723360960729859168756973147706671368418802944996427808491545080627771902352094241225065558662157113545570916814161637315895999846 90bd96d1c0b3dbe341cc5a33f373183a 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005449 6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151 26247035095799689268623156744566981891852923491109213387815615900925518854738050089022388053975719786650872476732087
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: app/notifee/core/AlarmPermissionBroadcastReceiver.java, line(s) 12 app/notifee/core/Logger.java, line(s) 13,17,34,39,22,26,30 app/notifee/core/RebootBroadcastReceiver.java, line(s) 12 app/notifee/core/b.java, line(s) 137 com/brentvatne/react/ReactVideoView.java, line(s) 363,367 com/dieam/reactnativepushnotification/helpers/ApplicationBadgeHelper.java, line(s) 30,33 com/dieam/reactnativepushnotification/modules/RNPushNotification.java, line(s) 116,215 com/dieam/reactnativepushnotification/modules/RNPushNotificationActions.java, line(s) 21 com/dieam/reactnativepushnotification/modules/RNPushNotificationAttributes.java, line(s) 268 com/dieam/reactnativepushnotification/modules/RNPushNotificationBootEventReceiver.java, line(s) 32,14,24,27 com/dieam/reactnativepushnotification/modules/RNPushNotificationConfig.java, line(s) 24,39,48,57,66 com/dieam/reactnativepushnotification/modules/RNPushNotificationHelper.java, line(s) 111,128,176,75,87,94,98,102,106,116,312,344,251,256,269,280,319,327,159,163,339 com/dieam/reactnativepushnotification/modules/RNPushNotificationListenerService.java, line(s) 33 com/dieam/reactnativepushnotification/modules/RNPushNotificationPicturesAggregator.java, line(s) 56,84,112 com/dieam/reactnativepushnotification/modules/RNPushNotificationPublisher.java, line(s) 16,20,29 com/dieam/reactnativepushnotification/modules/RNReceivedMessageHandler.java, line(s) 39 com/freshchat/consumer/sdk/Freshchat.java, line(s) 160 com/freshchat/consumer/sdk/activity/ConversationDetailActivity.java, line(s) 1616,2062 com/freshchat/consumer/sdk/activity/m.java, line(s) 202,209,211 com/freshchat/consumer/sdk/b/a/a.java, line(s) 41,55 com/freshchat/consumer/sdk/c/b.java, line(s) 33,89,91 com/freshchat/consumer/sdk/i/b.java, line(s) 60,172,301 com/freshchat/consumer/sdk/react/RNFreshchatSdk.java, line(s) 736,739,213,217,221,271,294,308,320,337,352,360,451,464,481,536,652,692,513,520,542,552,562,572,574,576,583,593,603,613,623,690,154 com/freshchat/consumer/sdk/receiver/FreshchatReceiver.java, line(s) 73 com/freshchat/consumer/sdk/service/a/g.java, line(s) 24 com/freshchat/consumer/sdk/service/b/b.java, line(s) 18 com/freshchat/consumer/sdk/ui/b.java, line(s) 231 com/freshchat/consumer/sdk/util/ad.java, line(s) 75,86,98,110,122,140,156 com/freshchat/consumer/sdk/util/ae.java, line(s) 308,114,132,151,190 com/freshchat/consumer/sdk/util/au.java, line(s) 16 com/freshchat/consumer/sdk/util/cc.java, line(s) 236 com/freshchat/consumer/sdk/util/cf.java, line(s) 459,793,871,895,902,915,917 com/freshchat/consumer/sdk/util/cj.java, line(s) 90 com/freshchat/consumer/sdk/util/co.java, line(s) 24,37,82,105,41,100,88,109 com/freshchat/consumer/sdk/util/e.java, line(s) 30 com/freshchat/consumer/sdk/util/k.java, line(s) 88 com/henninghall/date_picker/DerivedData.java, line(s) 97 com/henninghall/date_picker/pickers/AndroidNative.java, line(s) 69,71,73 com/horcrux/svg/Brush.java, line(s) 140,151 com/horcrux/svg/ClipPathView.java, line(s) 34 com/horcrux/svg/FilterView.java, line(s) 93 com/horcrux/svg/ImageView.java, line(s) 135 com/horcrux/svg/LinearGradientView.java, line(s) 72 com/horcrux/svg/PatternView.java, line(s) 83 com/horcrux/svg/RadialGradientView.java, line(s) 84 com/horcrux/svg/SvgViewManager.java, line(s) 247 com/horcrux/svg/UseView.java, line(s) 53,89,103 com/horcrux/svg/VirtualView.java, line(s) 385,312,349,353 com/learnium/RNDeviceInfo/RNDeviceModule.java, line(s) 247,324,422,427,538,590,685,873 com/learnium/RNDeviceInfo/RNInstallReferrerClient.java, line(s) 77,83,88,101,28,44,95 com/learnium/RNDeviceInfo/resolver/DeviceIdResolver.java, line(s) 35,41 com/lugg/RNCConfig/RNCConfigModule.java, line(s) 35,39 com/microsoft/codepush/react/CodePushUtils.java, line(s) 243,247 com/reactcommunity/rndatetimepicker/Common.java, line(s) 138 com/reactcommunity/rndatetimepicker/MinuteIntervalSnappableTimePickerDialog.java, line(s) 119,185 com/reactnative/ivpusic/imagepicker/Compression.java, line(s) 42,87,90,92 com/reactnative/ivpusic/imagepicker/PickerModule.java, line(s) 515 com/reactnative/ivpusic/imagepicker/ResultCollector.java, line(s) 66,74,39,45 com/reactnativecommunity/cameraroll/CameraRollModule.java, line(s) 538,552,591,607,626,653,672,700 com/reactnativecommunity/webview/RNCWebView.java, line(s) 391 com/reactnativecommunity/webview/RNCWebViewClient.java, line(s) 101,180,90,106,134,182 com/reactnativecommunity/webview/RNCWebViewManagerImpl.java, line(s) 173,186 com/reactnativecommunity/webview/RNCWebViewModuleImpl.java, line(s) 301,306,330,335,209,237,240,254 com/reactnativemmkv/MmkvModule.java, line(s) 38,27,33,35 com/swmansion/gesturehandler/react/RNGestureHandlerModule.java, line(s) 697 com/swmansion/gesturehandler/react/RNGestureHandlerRootHelper.java, line(s) 48,66 com/swmansion/gesturehandler/react/RNGestureHandlerRootView.java, line(s) 35 com/swmansion/reanimated/NativeMethodsHelper.java, line(s) 47 com/swmansion/reanimated/ReanimatedModule.java, line(s) 102 com/swmansion/reanimated/ReanimatedUIManagerFactory.java, line(s) 21 com/swmansion/reanimated/layoutReanimation/AnimationsManager.java, line(s) 200,214 com/swmansion/reanimated/layoutReanimation/ReanimatedNativeHierarchyManager.java, line(s) 38 com/swmansion/reanimated/layoutReanimation/SharedTransitionManager.java, line(s) 122 com/swmansion/reanimated/nativeProxy/NativeProxyCommon.java, line(s) 188 com/swmansion/reanimated/sensor/ReanimatedSensorContainer.java, line(s) 35 com/swmansion/rnscreens/ScreenStackHeaderConfigViewManager.java, line(s) 178 com/swmansion/rnscreens/ScreensModule.java, line(s) 45,91,48 com/th3rdwave/safeareacontext/SafeAreaView.java, line(s) 107 com/yalantis/ucrop/UCropActivity.java, line(s) 153 com/yalantis/ucrop/task/BitmapCropTask.java, line(s) 113 com/yalantis/ucrop/task/BitmapLoadTask.java, line(s) 122,151,196,83,86,128,137,144 com/yalantis/ucrop/util/BitmapLoadUtils.java, line(s) 103,51,82 com/yalantis/ucrop/util/EglUtils.java, line(s) 23 com/yalantis/ucrop/util/FileUtils.java, line(s) 58 com/yalantis/ucrop/util/ImageHeaderParser.java, line(s) 54,61,72,80,112,122,134,148,162,168,172,177,183,187,290,53,60,71,79,111,121,133,147,161,167,171,176,182,186 com/yalantis/ucrop/view/TransformImageView.java, line(s) 214,231,123,78 com/zoontek/rnpermissions/RNPermissionsModuleImpl.java, line(s) 279 io/invertase/firebase/app/ReactNativeFirebaseApp.java, line(s) 16 io/invertase/firebase/app/ReactNativeFirebaseAppModule.java, line(s) 52 io/invertase/firebase/common/RCTConvertFirebase.java, line(s) 115 io/invertase/firebase/common/ReactNativeFirebaseEventEmitter.java, line(s) 130 io/invertase/firebase/common/SharedUtils.java, line(s) 87,288,346,146 io/invertase/firebase/messaging/ReactNativeFirebaseMessagingModule.java, line(s) 81 io/invertase/firebase/messaging/ReactNativeFirebaseMessagingReceiver.java, line(s) 20,25,45 io/invertase/firebase/utils/ReactNativeFirebaseUtilsModule.java, line(s) 70 io/invertase/notifee/NotifeeReactUtils.java, line(s) 192,207 io/sentry/SystemOutLogger.java, line(s) 14,22,31 io/sentry/android/core/AndroidLogger.java, line(s) 86,82,74,78,84 io/sentry/android/core/SentryLogcatAdapter.java, line(s) 43,48,78,83,53,58,33,38,63,68,73,88,93,98 io/sentry/android/replay/WindowManagerSpy.java, line(s) 25,83 io/sentry/android/replay/WindowSpy.java, line(s) 24,42 io/sentry/transport/StdoutTransport.java, line(s) 51 net/time4j/android/ApplicationStarter.java, line(s) 105,54,58,84,100,101,102,103 net/time4j/base/ResourceLoader.java, line(s) 90,116 net/time4j/format/expert/ChronoFormatter.java, line(s) 499,540,589,593,1005,1032,1275,1281,562,587,590,949,952,1010,1025,1033,1148,1168,1174,1218,1299,1332 net/time4j/format/expert/CustomizedProcessor.java, line(s) 101,107 net/time4j/format/expert/FormatStep.java, line(s) 296 net/time4j/format/expert/IgnorableWhitespaceProcessor.java, line(s) 49 net/time4j/format/expert/Iso8601Format.java, line(s) 78,92 net/time4j/format/expert/LiteralProcessor.java, line(s) 113,152,294 net/time4j/format/expert/LocalizedGMTProcessor.java, line(s) 192,236,239,253,256,269,281,284,303,306,311,348,351 net/time4j/format/expert/LookupProcessor.java, line(s) 78,79,98,110,118 net/time4j/format/expert/MultiFormatParser.java, line(s) 37,50,65,35,48,54,63,69 net/time4j/format/expert/SkipProcessor.java, line(s) 75 net/time4j/format/expert/StyleProcessor.java, line(s) 79 net/time4j/format/expert/TextProcessor.java, line(s) 97,83,84,99,111,114 net/time4j/format/expert/TimezoneGenericProcessor.java, line(s) 121,143,184,189,192 net/time4j/format/expert/TimezoneIDProcessor.java, line(s) 44,59,63,68,73,78,94,100 net/time4j/format/expert/TimezoneNameProcessor.java, line(s) 116,142,213,230,232 net/time4j/i18n/WeekdataProviderSPI.java, line(s) 141 net/time4j/tz/spi/ZoneNameProviderSPI.java, line(s) 152 org/greenrobot/eventbus/Logger.java, line(s) 32,37
安全提示信息 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改
此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/reactnativecommunity/clipboard/ClipboardModule.java, line(s) 30,246,246,4
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/freshchat/consumer/sdk/activity/aj.java, line(s) 4,31 com/reactnativecommunity/clipboard/ClipboardModule.java, line(s) 4,103
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: io/sentry/android/core/DeviceInfoUtil.java, line(s) 140 io/sentry/android/core/internal/util/RootChecker.java, line(s) 40,22,22,22,22,22,22,34
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/449823831339/namespaces/firebase:fetch?key=AIzaSyDgy4QeaCKBHLHBZz4jASGvX_h3VUPf59Q ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
综合安全基线评分总结
AInfluencers v31.1.4
Android APK
51
综合安全评分
中风险