July 04, 2019

Addressing Security Scan Findings In Mobile Foundation Apps

Most organizations mandate mobile apps to undergo code scanning and pen tests before they can be uploaded to public app...

February 24, 2016

CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions on Android

[UPDATE Feb. 24, 2016]Cordova has updated their announcement regarding CVE-2015-5256. Follow the link for more information: http://cordova.apache.org/announcements/2015/11/20/security.html.

December 11, 2015

CVE-2015-5257/CVE-2015-8320: Weak Randomization of BridgeSecret for Apache Cordova Android

As of November 25, 2015, this blog post acknowledges that IBM is aware that Cordova announced two CVEs for vulnerabilities...

October 08, 2015

CVE-2015-5204 HTTP header injection vulnerability in Apache Cordova Android File-Transfer Plugin

As of October 6, 2015, this blog post acknowledges that IBM is aware of the recent vulnerability in the Apache...

July 30, 2015

CVE-2015-1835: Remote exploit in Apache Cordova

As of June 5th 2015, this blog post acknowledges that IBM is aware of a recently published remote exploitation in...

May 29, 2015

OpenSSL Security Alert for existing apps in Google Play Store

If you have a Worklight Foundation or MobileFirst Platform Foundation application deployed in the Google Play Store, you may soon...