Unclaimed CocoaPods Vulnerability
Description
Unclaimed CocoaPods pods allowed malicious actors to claim ownership of them and insert malicious code into popular apps that depend on them. Exploitation of these vulnerabilities carries significant financial and reputational risks for the targeted organization.
Recommendation
Developers should remove orphaned/unclaimed CocoaPods dependencies.
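One way to start that cleanup, as an added example that is not part of the original entry: the Ruby script below parses a `Podfile.lock` and reports which resolved pods appear in a list of unclaimed pod names, including pods that only arrive as transitive dependencies. The lockfile content, the pod names, and the helper names are constructed for illustration; the list of unclaimed names is an assumption that the reader supplies from their own ownership check.

```ruby
require 'yaml'
require 'set'

# Constructed sample Podfile.lock; every pod name here is made up.
SAMPLE_LOCKFILE = <<~LOCK
  PODS:
    - ExampleNetworking (4.0.1):
      - ExampleNetworking/Session (= 4.0.1)
    - ExampleNetworking/Session (4.0.1)
    - ExampleOrphanKit (1.2.0)
    - InternalUI (0.9.0):
      - ExampleOrphanKit (~> 1.2)

  DEPENDENCIES:
    - ExampleNetworking (~> 4.0)
    - InternalUI (~> 0.9)

  COCOAPODS: 1.15.2
LOCK

# "Foo/Sub (1.0)" -> "Foo": subspecs belong to the root pod's owner.
def root_pod_name(entry)
  entry.to_s.split(' ').first.split('/').first
end

# Returns { unclaimed_pod => [pods that require it] }. An empty list means
# no other resolved pod requires it, so it is a direct dependency.
def unclaimed_pods_in_lockfile(lock_text, unclaimed)
  # Real lockfiles may hold symbol keys (":path") under EXTERNAL SOURCES.
  lock = YAML.safe_load(lock_text, permitted_classes: [Symbol]) || {}
  findings = {}
  (lock['PODS'] || []).each do |item|
    # A PODS entry is a plain string, or a one-key hash listing its deps.
    entry, deps = item.is_a?(Hash) ? item.first : [item, []]
    parent = root_pod_name(entry)
    ([entry] + Array(deps)).each do |dep|
      name = root_pod_name(dep)
      next unless unclaimed.include?(name)
      findings[name] ||= []
      findings[name] << parent unless parent == name || findings[name].include?(parent)
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  # Hypothetical list of unclaimed pod names, supplied by the reader.
  p unclaimed_pods_in_lockfile(SAMPLE_LOCKFILE, Set['ExampleOrphanKit'])
end
```

A pod reported with a non-empty list cannot be dropped from the Podfile alone; the pods that require it have to be replaced or updated as well.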
Standards
- OWASP_MASVS_L1:
  - MSTG_CODE_5
- OWASP_MASVS_L2:
  - MSTG_CODE_5
- OWASP_MASVS_v2_1:
  - MASVS_CODE_3
- PCI_STANDARDS:
  - REQ_12_8
- SOC2_CONTROLS:
  - CC_9_2
  - CC_4_2
  - CC_7_1
  - CC_7_2
  - CC_7_4
  - CC_7_5