Free-RASP-Flutter icon indicating copy to clipboard operation
Free-RASP-Flutter copied to clipboard
verified publisher icon talsec

Use of Outdated Vulnerable Component: [email protected]

Open Maf-Dy opened this issue 1 year ago • 2 comments

Describe the bug While analyzing the apk generated of using FreeRasp 6.5.1 ( latest current version ) ( Or specifically this android native implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community-Flutter:9.1.0' in android build.gradle ) Analyzing the apk has detected the usage of [email protected]

To Reproduce Use freerasp, analyze the .apk by any security scanning tool ( like MobSF)

Expected behavior Inside lib/abi_folder/libclib.so files there are strings outlining that openssl version 1.1.1w is used If Freerasp is confirmed to use this, please update it if possible

Please complete the following information:

  • Version of freeRASP: 6.5.1

Maf-Dy avatar Jun 03 '24 06:06 Maf-Dy

Hello.

Thank you for bringing this issue to our attention. We'll take a closer look at it.

yardexx avatar Jun 03 '24 14:06 yardexx

Hello @Maf-Dy ,

the issue has been fixed and will be part of next release.

Kind regards, Talsec team

msikyna avatar Aug 08 '24 07:08 msikyna