安全分析报告: NewPipe v0.27.0

安全分数


安全分数 54/100

风险评级


等级

  1. A
  2. B
  3. C
  4. F

严重性分布 (%)


隐私风险

1

用户/设备跟踪器


调研结果

高危 0
中危 15
信息 2
安全 1
关注 0

中危 应用程序数据可以被备份 

[android:allowBackup=true]
这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。

中危 Broadcast Receiver (androidx.media.session.MediaButtonReceiver) 未被保护。 

[android:exported=true]
发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

中危 Service (org.schabi.newpipe.player.PlayerService) 未被保护。 

[android:exported=true]
发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

中危 Activity (org.schabi.newpipe.PanicResponderActivity) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

中危 Activity (org.schabi.newpipe.util.FilePickerActivityHelper) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

中危 Activity (org.schabi.newpipe.RouterActivity) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.DUMP [android:exported=true]
发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.DUMP [android:exported=true]
发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 

应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage

Files:
org/acra/file/Directory.java, line(s) 50,100
org/schabi/newpipe/settings/NewPipeSettings.java, line(s) 54
org/schabi/newpipe/streams/io/StoredFileHelper.java, line(s) 460,469
org/schabi/newpipe/util/FilePickerActivityHelper.java, line(s) 51,95,98,99
us/shandian/giga/service/DownloadManager.java, line(s) 54,449

中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 

应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2

Files:
us/shandian/giga/get/sqlite/FinishedMissionStore.java, line(s) 6,7,28,34,38,55

中危 应用程序使用不安全的随机数生成器 

应用程序使用不安全的随机数生成器
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators

Files:
j$/util/concurrent/ThreadLocalRandom.java, line(s) 14
org/schabi/newpipe/extractor/services/youtube/YoutubeParsingHelper.java, line(s) 30
org/schabi/newpipe/extractor/utils/RandomStringFromAlphabetGenerator.java, line(s) 3

中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 

文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10

Files:
org/jsoup/parser/TokeniserState.java, line(s) 1224,1227

中危 应用程序包含隐私跟踪程序 

此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。

中危 此应用可能包含硬编码机密信息 

从应用程序中识别出以下机密确保这些不是机密或私人信息
"add_to_playlist_key" : "add_to_playlist"
"adjustment_step_key" : "adjustment_step_key"
"allow_disposed_exceptions_key" : "allow_disposed_exceptions_key"
"allow_heap_dumping_key" : "allow_heap_dumping_key"
"always_use_exoplayer_set_output_surface_workaround_key" : "always_use_exoplayer_set_output_surface_workaround_key"
"app_language_key" : "app_language_key"
"audio_m4a_key" : "audio_m4a"
"audio_webm_key" : "audio_webm"
"auto_device_theme_key" : "auto_device_theme"
"auto_queue_key" : "auto_queue_key"
"autoplay_always_key" : "autoplay_always_key"
"autoplay_key" : "autoplay_key"
"autoplay_never_key" : "autoplay_never_key"
"autoplay_wifi_key" : "autoplay_wifi_key"
"background_player_key" : "background_player"
"best_resolution_key" : "best_resolution"
"black_theme_key" : "black_theme"
"brightness_control_key" : "brightness_control"
"caption_settings_key" : "caption_settings_key"
"caption_user_set_key" : "caption_user_set_key"
"clear_cookie_key" : "clear_cookie"
"clear_playback_states_key" : "clear_playback_states"
"clear_search_history_key" : "clear_search_history"
"clear_views_history_key" : "clear_play_history"
"content_country_key" : "content_country"
"content_language_key" : "content_language"
"dark_theme_key" : "dark_theme"
"debug_pref_screen_key" : "debug_pref_screen_key"
"default_audio_format_key" : "default_audio_format"
"default_localization_key" : "system"
"default_popup_resolution_key" : "default_popup_resolution"
"default_resolution_key" : "default_resolution"
"default_video_format_key" : "default_video_format"
"disable_media_tunneling_key" : "disable_media_tunneling_key"
"disabled_media_tunneling_automatically_key" : "disabled_media_tunneling_automatically_key"
"download_key" : "download"
"download_path_audio_key" : "download_path_audio"
"download_path_video_key" : "download_path"
"enable_playback_resume_key" : "enable_playback_resume"
"enable_playback_state_lists_key" : "enable_playback_state_lists"
"enable_search_history_key" : "enable_search_history"
"enable_watch_history_key" : "enable_watch_history"
"exoplayer_settings_key" : "exoplayer_settings_key"
"feed_fetch_channel_tabs_key" : "feed_fetch_channel_tabs"
"feed_show_future_items_key" : "feed_show_future_items"
"feed_show_partially_watched_items_key" : "feed_show_partially_watched_items"
"feed_show_watched_items_key" : "feed_show_played_items"
"feed_use_dedicated_fetch_method_key" : "feed_use_dedicated_fetch_method"
"image_quality_high_key" : "image_quality_high"
"image_quality_key" : "image_quality_key"
"image_quality_low_key" : "image_quality_low"
"image_quality_medium_key" : "image_quality_medium"
"image_quality_none_key" : "image_quality_none"
"last_download_type_audio_key" : "last_dl_type_audio"
"last_download_type_video_key" : "last_dl_type_video"
"left_gesture_control_key" : "left_gesture_control"
"light_theme_key" : "light_theme"
"limit_data_usage_none_key" : "limit_data_usage_none"
"limit_mobile_data_usage_key" : "limit_mobile_data_usage"
"list_view_mode_auto_key" : "auto"
"list_view_mode_card_key" : "card"
"list_view_mode_grid_key" : "grid"
"list_view_mode_key" : "list_view_mode"
"list_view_mode_list_key" : "list"
"main_page_content_key" : "main_page_content"
"main_tabs_position_key" : "main_tabs_position"
"metadata_cache_wipe_key" : "cache_wipe_key"
"metadata_privacy_private" : "Private"
"minimize_on_exit_background_key" : "minimize_on_exit_background_key"
"minimize_on_exit_key" : "minimize_on_exit_key"
"minimize_on_exit_none_key" : "minimize_on_exit_none_key"
"minimize_on_exit_popup_key" : "minimize_on_exit_popup_key"
"night_theme_key" : "night_theme"
"none_control_key" : "none_control"
"notification_colorize_key" : "notification_colorize_key"
"notification_slot_0_key" : "notification_slot_0_key"
"notification_slot_1_key" : "notification_slot_1_key"
"notification_slot_2_key" : "notification_slot_2_key"
"notification_slot_3_key" : "notification_slot_3_key"
"notification_slot_4_key" : "notification_slot_4_key"
"notification_slot_compact_0_key" : "notification_slot_compact_0_key"
"notification_slot_compact_1_key" : "notification_slot_compact_1_key"
"notification_slot_compact_2_key" : "notification_slot_compact_2_key"
"peertube_instance_list_key" : "peertube_instance_list"
"peertube_instance_setup_key" : "peertube_instance_setup"
"peertube_selected_instance_key" : "peertube_selected_instance"
"playback_adjust_by_semitones_key" : "playback_adjust_by_semitones_key"
"playback_pitch_key" : "playback_pitch_key"
"playback_skip_silence_key" : "playback_skip_silence_key"
"playback_speed_key" : "playback_speed_key"
"playback_unhook_key" : "playback_unhook_key"
"player_notification_screen_key" : "player_notification_screen"
"popup_player_key" : "popup_player"
"popup_remember_size_pos_key" : "popup_remember_size_pos_key"
"popup_saved_width_key" : "popup_saved_width"
"popup_saved_x_key" : "popup_saved_x"
"popup_saved_y_key" : "popup_saved_y"
"prefer_descriptive_audio_key" : "prefer_descriptive_audio"
"prefer_original_audio_key" : "prefer_original_audio"
"progressive_load_interval_key" : "progressive_load_interval"
"recaptcha_cookies_key" : "recaptcha_cookies_key"
"resume_on_audio_focus_gain_key" : "resume_on_audio_focus_gain"
"right_gesture_control_key" : "right_gesture_control"
"saved_tabs_key" : "saved_tabs_key"
"scale_to_square_image_in_notifications_key" : "scale_to_square_image_in_notifications"
"screen_brightness_key" : "screen_brightness_key"
"screen_brightness_timestamp_key" : "screen_brightness_timestamp_key"
"seek_duration_key" : "seek_duration"
"seekbar_preview_thumbnail_key" : "seekbar_preview_thumbnail_key"
"settings_file_charset_key" : "file_rename_charset"
"settings_file_replacement_character_key" : "file_replacement_character"
"show_channel_tabs_key" : "channel_tabs"
"show_comments_key" : "show_comments"
"show_description_key" : "show_description"
"show_higher_resolutions_key" : "show_higher_resolutions"
"show_image_indicators_key" : "show_image_indicators_key"
"show_info_key" : "show_info"
"show_local_search_suggestions_key" : "show_local_search_suggestions"
"show_memory_leaks_key" : "show_memory_leaks_key"
"show_meta_info_key" : "show_meta_info"
"show_next_video_key" : "show_next_video"
"show_original_time_ago_key" : "show_original_time_ago_key"
"show_play_with_kodi_key" : "show_play_with_kodi"
"show_remote_search_suggestions_key" : "show_remote_search_suggestions"
"show_search_suggestions_key" : "show_search_suggestions"
"show_thumbnail_key" : "show_thumbnail_key"
"start_main_player_fullscreen_key" : "start_main_player_fullscreen_key"
"stream_info_selected_tab_key" : "stream_info_selected_tab"
"streams_notifications_channels_key" : "streams_notifications_channels"
"streams_notifications_interval_key" : "streams_notifications_interval"
"streams_notifications_network_key" : "streams_notifications_network"
"tablet_mode_auto_key" : "auto"
"tablet_mode_key" : "tablet_mode"
"tablet_mode_off_key" : "off"
"tablet_mode_on_key" : "on"
"theme_key" : "theme"
"use_exoplayer_decoder_fallback_key" : "use_exoplayer_decoder_fallback_key"
"use_external_audio_player_key" : "use_external_audio_player"
"use_external_video_player_key" : "use_external_video_player"
"use_inexact_seek_key" : "use_inexact_seek_key"
"video_3gp_key" : "video_3gp"
"video_mp4_key" : "video_mp4"
"video_player_key" : "video_player"
"video_webm_key" : "video_webm"
"volume_control_key" : "volume_control"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Yksityinen"
"metadata_privacy_private" : "Privado"
"metadata_privacy_private" : "Prywatny"
"metadata_privacy_private" : "Privasi"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Private"
"metadata_privacy_private" : "Privatno"
"metadata_privacy_private" : "Gizli"
"metadata_privacy_private" : "Privado"
"metadata_privacy_private" : "Einka"
"metadata_privacy_private" : "Privaatne"
"metadata_privacy_private" : "Privato"
"metadata_privacy_private" : "Privatus"
"metadata_privacy_private" : "Privado"
"metadata_privacy_private" : "Pribatua"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Privado"
"metadata_privacy_private" : "Pribado"
"metadata_privacy_private" : "Private"
"metadata_privacy_private" : "Privadu"
"metadata_privacy_private" : "Privata"
"metadata_privacy_private" : "Privat"
"metadata_privacy_private" : "Privado"
7591e8039faa74d8c0517dc867af9d3e
cb84069bd68116bafae5ee4ee5b08a567aa6d898404e7cb12f9e756df5cf5cab
d3fe862898d1b6d0c97c76386b82dd78

信息 应用程序记录日志信息,不得记录敏感信息 

应用程序记录日志信息,不得记录敏感信息
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs

Files:
icepick/Icepick.java, line(s) 30,39,45,49
io/noties/markwon/LinkResolverDef.java, line(s) 21
org/acra/ACRA.java, line(s) 67
org/acra/builder/ReportExecutor.java, line(s) 66
org/acra/collector/LogCatCollector.java, line(s) 93
org/acra/log/AndroidLogDelegate.java, line(s) 11,40,48,18,25,33
org/acra/reporter/ErrorReporterImpl.java, line(s) 73,35
org/acra/sender/ReportDistributor.java, line(s) 119
org/schabi/newpipe/App.java, line(s) 103,125,64
org/schabi/newpipe/BaseFragment.java, line(s) 49,62,77
org/schabi/newpipe/MainActivity.java, line(s) 82,393,400,416,437,509,526,537,591
org/schabi/newpipe/NewVersionWorker.java, line(s) 145,120,132,150
org/schabi/newpipe/database/Migrations.java, line(s) 26,46
org/schabi/newpipe/download/DownloadDialog.java, line(s) 159,218,257,483,501,879,205,207
org/schabi/newpipe/download/LoadingDialog.java, line(s) 25,32,46
org/schabi/newpipe/error/ErrorActivity.java, line(s) 77,152,207
org/schabi/newpipe/error/ErrorPanelHelper.java, line(s) 99
org/schabi/newpipe/error/ReCaptchaActivity.java, line(s) 50,95,114,128,140
org/schabi/newpipe/fragments/BaseStateFragment.java, line(s) 86,131,188,155,166
org/schabi/newpipe/fragments/MainFragment.java, line(s) 76,131,219,226
org/schabi/newpipe/fragments/detail/VideoDetailFragment.java, line(s) 357,937,1017,1837,1985,2001,426,430,1383,566,775
org/schabi/newpipe/fragments/detail/VideoDetailPlayerCrasher.java, line(s) 84,114,118
org/schabi/newpipe/fragments/list/BaseListFragment.java, line(s) 195,288,296,328,366
org/schabi/newpipe/fragments/list/BaseListInfoFragment.java, line(s) 109
org/schabi/newpipe/fragments/list/channel/ChannelFragment.java, line(s) 176,303,318,340,359,367,379,389,151
org/schabi/newpipe/fragments/list/channel/ChannelTabFragment.java, line(s) 111
org/schabi/newpipe/fragments/list/playlist/PlaylistFragment.java, line(s) 168
org/schabi/newpipe/fragments/list/search/SearchFragment.java, line(s) 193,218,258,368,385,465,479,491,500,514,530,538,546,553,659,768,919,285,289
org/schabi/newpipe/info_list/StreamSegmentAdapter.java, line(s) 61,75
org/schabi/newpipe/info_list/dialog/InfoItemDialog.java, line(s) 114
org/schabi/newpipe/ktx/TextViewUtils.java, line(s) 16
org/schabi/newpipe/ktx/ViewUtils.java, line(s) 87,91,104,141,190
org/schabi/newpipe/local/BaseLocalListFragment.java, line(s) 105
org/schabi/newpipe/local/LocalItemListAdapter.java, line(s) 204,274
org/schabi/newpipe/local/bookmark/BookmarkFragment.java, line(s) 252
org/schabi/newpipe/local/feed/FeedFragment.java, line(s) 941
org/schabi/newpipe/local/feed/notifications/NotificationWorker.java, line(s) 117
org/schabi/newpipe/local/feed/service/FeedLoadService.java, line(s) 63,94
org/schabi/newpipe/local/playlist/LocalPlaylistFragment.java, line(s) 233,583,606,702
org/schabi/newpipe/local/subscription/services/SubscriptionsExportService.java, line(s) 98,103
org/schabi/newpipe/local/subscription/services/SubscriptionsImportService.java, line(s) 162,167
org/schabi/newpipe/player/PlayQueueActivity.java, line(s) 184,189
org/schabi/newpipe/player/Player.java, line(s) 559,590,627,653,672,695,730,753,800,812,820,940,947,955,959,1007,1019,1033,1061,1082,1102,1122,1139,1159,1180,1224,1242,1344,1376,1393,1485,1508,1523,1534,1548,1569,1581,1592,1609,1621,1629,1670,1716,1899,2107,806,935,1497,1501,456,792
org/schabi/newpipe/player/PlayerService.java, line(s) 31,44,74,96
org/schabi/newpipe/player/datasource/YoutubeHttpDataSource.java, line(s) 426
org/schabi/newpipe/player/gesture/BasePlayerGestureListener.java, line(s) 88,113,124,143,154,165,176,189
org/schabi/newpipe/player/gesture/MainPlayerGestureListener.java, line(s) 55,83,122
org/schabi/newpipe/player/gesture/PopupPlayerGestureListener.java, line(s) 63,76,82,145,159,209
org/schabi/newpipe/player/helper/AudioReactor.java, line(s) 393,409,418,423
org/schabi/newpipe/player/helper/LockManager.java, line(s) 23,40
org/schabi/newpipe/player/helper/PlaybackParameterDialog.java, line(s) 448,624
org/schabi/newpipe/player/helper/PlayerDataSource.java, line(s) 125,128
org/schabi/newpipe/player/helper/PlayerHolder.java, line(s) 226,234,248,260
org/schabi/newpipe/player/mediasession/MediaSessionPlayerUi.java, line(s) 194
org/schabi/newpipe/player/mediasource/FailedMediaSource.java, line(s) 76
org/schabi/newpipe/player/notification/NotificationUtil.java, line(s) 61,90,135
org/schabi/newpipe/player/playback/MediaSourceManager.java, line(s) 93,225,237,249,296,313,317,411,417,449,461,472,479
org/schabi/newpipe/player/playqueue/AbstractInfoPlayQueue.java, line(s) 73,104
org/schabi/newpipe/player/playqueue/PlayQueueAdapter.java, line(s) 167
org/schabi/newpipe/player/resolver/AudioPlaybackResolver.java, line(s) 52
org/schabi/newpipe/player/resolver/PlaybackResolver.java, line(s) 253,111,235
org/schabi/newpipe/player/resolver/VideoPlaybackResolver.java, line(s) 105,114
org/schabi/newpipe/player/seekbarpreview/SeekbarPreviewThumbnailHelper.java, line(s) 35
org/schabi/newpipe/player/seekbarpreview/SeekbarPreviewThumbnailHolder.java, line(s) 52,57,62,65,73,83,103,133,138,156,159,47,104,154,151,163
org/schabi/newpipe/player/ui/MainPlayerUi.java, line(s) 543,872
org/schabi/newpipe/player/ui/PopupPlayerUi.java, line(s) 92,113,184,212,219,227,243,297,260,269
org/schabi/newpipe/player/ui/VideoPlayerUi.java, line(s) 547,564,586,621,636,663,683,694,886,893,1265,1316,1342,1547,1609,613
org/schabi/newpipe/settings/ContentSettingsFragment.java, line(s) 45,56
org/schabi/newpipe/settings/DownloadSettingsFragment.java, line(s) 134,190,185
org/schabi/newpipe/settings/SettingMigrations.java, line(s) 116
org/schabi/newpipe/settings/SettingsActivity.java, line(s) 266,314,319
org/schabi/newpipe/settings/preferencesearch/PreferenceParser.java, line(s) 48,77,91
org/schabi/newpipe/settings/preferencesearch/PreferenceSearchResultHighlighter.java, line(s) 33
org/schabi/newpipe/streams/io/NoFileManagerSafeGuard.java, line(s) 29
org/schabi/newpipe/streams/io/StoredDirectoryHelper.java, line(s) 128,232,243
org/schabi/newpipe/streams/io/StoredFileHelper.java, line(s) 280,203,222,292
org/schabi/newpipe/util/ExtractorHelper.java, line(s) 305
org/schabi/newpipe/util/InfoCache.java, line(s) 60,70,81,91,101
org/schabi/newpipe/util/NavigationHelper.java, line(s) 280,133,142,248
org/schabi/newpipe/util/SerializedCache.java, line(s) 28,51,59
org/schabi/newpipe/util/StateSaver.java, line(s) 52,60,67,110,120,177,192,87,166
org/schabi/newpipe/util/external_communication/ShareUtils.java, line(s) 164,146,168
org/schabi/newpipe/util/image/PicassoHelper.java, line(s) 109
org/schabi/newpipe/util/text/InternalUrlsHandler.java, line(s) 82
org/schabi/newpipe/util/text/TextLinkifier.java, line(s) 104
org/schabi/newpipe/views/NewPipeRecyclerView.java, line(s) 61
org/schabi/newpipe/views/player/PlayerFastSeekOverlay.java, line(s) 94,111,139
us/shandian/giga/get/DownloadInitializer.java, line(s) 194,198
us/shandian/giga/get/DownloadMission.java, line(s) 234,174,449,476,513
us/shandian/giga/get/DownloadMissionRecover.java, line(s) 158,120
us/shandian/giga/get/sqlite/FinishedMissionStore.java, line(s) 84
us/shandian/giga/io/FileStreamSAF.java, line(s) 101
us/shandian/giga/postprocessing/Postprocessing.java, line(s) 216
us/shandian/giga/postprocessing/TtmlConverter.java, line(s) 22
us/shandian/giga/service/DownloadManager.java, line(s) 71,80,475
us/shandian/giga/service/DownloadManagerService.java, line(s) 395,130,225,234,388
us/shandian/giga/ui/adapter/MissionAdapter.java, line(s) 702,643
us/shandian/giga/util/Utility.java, line(s) 62

信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 

此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
org/schabi/newpipe/util/external_communication/ShareUtils.java, line(s) 5,141

安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 

此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4

Files:
org/schabi/newpipe/util/image/PicassoHelper.java, line(s) 30,30

安全评分: ( NewPipe 0.27.0)