opensecurity CVE Vulnerabilities & Metrics

Focus on opensecurity vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About opensecurity Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with opensecurity. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total opensecurity CVEs: 4
Earliest CVE date: 18 Oct 2022, 15:15 UTC
Latest CVE date: 19 Aug 2024, 15:15 UTC

Latest CVE reference: CVE-2024-43399

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 100.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 100.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical opensecurity CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 4
4.0-6.9 0
7.0-8.9 0
9.0-10.0 0

CVSS Distribution Chart

Top 5 Highest CVSS opensecurity CVEs

These are the five CVEs with the highest CVSS scores for opensecurity, sorted by severity first and recency.

All CVEs for opensecurity

CVE-2024-43399 opensecurity vulnerability CVSS: 0 19 Aug 2024, 15:15 UTC

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. This vulnerability is fixed in 4.0.7.

CVE-2024-41955 opensecurity vulnerability CVSS: 0 31 Jul 2024, 20:15 UTC

Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open redirect vulnerability exist in MobSF authentication view. Update to MobSF v4.0.5.

CVE-2023-42261 opensecurity vulnerability CVSS: 0 21 Sep 2023, 22:15 UTC

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server.

CVE-2022-41547 opensecurity vulnerability CVSS: 0 18 Oct 2022, 15:15 UTC

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.