v24.9.241015145 - 17 Oct 2024
New Security Checks
- Added check for CVE-2024-6842
Improvements
- Upgraded to OpenSSL
- Updates to technologies and fingerprints
Apache OFBiz RCE (CVE-2024-45195)
Apache OfBiz Authz Bypass (CVE-2024-36104, CVE-2024-38856)
Updated Chromium to v128.0.3316.119/.120
Improved support for GraphQL when described in introspection JSON
The upgraded Scan Details page is now enabled for On-Premises customers as well → Learn more
Using API Discovery On-Premises, the admin can specify a destination URL for the Network Traffic Analyzer connection
Fixed a false positive in the Solr Injection check
Resolved a rare case where the vulnerability detail was not loading properly on the new Scan Details page
Runtime SCA PDF reports are now being generated correctly
The scan end timestamp is now loading properly on the new Scan Details page
Security checks can now be auto-updated without requiring a full product update