yap chekying

Projects

Activity

Reported issues: 681

31 July 2025

02:40 PM VELO Production Issue Bug #22317 (New): [PROD][Android] Hit "Something went wrong with OCBC Business" at Google Playstore
Please refer to attached image for details.
Please provide root cause and solution.

30 July 2025

10:35 AM VELO Production Issue Bug #22165 (Closed): [PROD][Android] Added "uat" Word in Android Name and Causing Crash When App ...
released to production on 3rd July 2025

29 July 2025

10:12 AM VELO Production Issue Bug #22306 (New): [External Audit Findings][MLEB] Bypass OTP in Biometric Activation
Issue:
Modification of response parameters in the API allows an attacker to alter values such as item prices, item q...
10:11 AM VELO Production Issue Bug #22305 (New): [External Audit Findings][MLEB] Insecure Direct Object Reference Vulnerability ...
Issue:
The IDOR vulnerability occurs when an app exposes internal object references without access control. This all...
10:10 AM VELO Production Issue Bug #22304 (Resolved): [External Audit Findings][MLEB] User Enumeration through Error Messages
Issue:
Error messages in an application can provide valid and invalid username information.
This information can po...
10:09 AM VELO Production Issue Bug #22303 (Assigned): [External Audit Findings][iOS] Weak SSL Pinning
Issue:
During testing on iOS apps, the tester found that the app does not implement SSL Pinning. Without SSL Pinning...
10:07 AM VELO Production Issue Bug #22302 (Assigned): [External Audit Findings][iOS] Certificate files hardcoded inside the app
Issue:
Same as Android – developers embed a list of trusted certificates inside the app and use it to validate serve...
10:05 AM VELO Production Issue Bug #22301 (Assigned): [External Audit Findings][iOS] No Jailbreak Detection
Issue:
Jailbreaking is the process of gaining administrative or privileged access to the iOS OS. Without jailbreak d...
10:04 AM VELO Production Issue Bug #22300 (Resolved): [External Audit Findings][Android] Certificate files hardcoded inside the app
Issue:
SSL Pinning is a security mechanism used to prevent man-in-the-middle attacks by validating the certificate ...
10:02 AM VELO Production Issue Bug #22299 (New): [External Audit Findings][Android] Weak Root Detection
Issue:
Rooting is the process of gaining administrative or privileged access to the Android OS. Without root detecti...

Also available in: Atom