A brand new replace for Acunetix Premium for Home windows and Linux has been launched: 15.0.221007170.
This model of Acunetix introduces assist for Purple Hat Enterprise Linux (RHEL) 9, which was launched earlier this yr. PHP IAST AcuSensor can now be used with net functions that benefit from the PHP Slim Framework and has been up to date to report MongoDB and SSTI injection vulnerabilities. CWE’s 25 Most Harmful Software program Weaknesses has been up to date to report on the highest software program weaknesses recognized for 2022. This Acunetix replace additionally contains numerous new vulnerability checks, updates, enhancements, and product fixes.
Observe: There might be no new updates to native macOS installations. MacOS customers can change to Acunetix Premium On-line or use Acunetix On-Premises in a digital setting or on Docker.
New vulnerability checks
- Added a verify for permissions policy header
- Added a verify for unrestricted entry to the Karma monitoring interface
- Added verify for Go net app binary disclosure
- SCA: Improved detection of elements utilized by Java net functions
- Up to date to Chromium v106.0.5249.61
- Up to date PHP IAST AcuSensor to raised assist net functions that use the Slim Framework
- Improved assist for HTTP calls from Axios
- Up to date CWE’s 25 Most Harmful Software program Weaknesses listing to incorporate 2022 weaknesses
- Scan outcomes and scan studies will embody the model of Acunetix used to carry out the scan.
- Up to date PHP sensor to report MongoDB injections
- Up to date PHP sensor to report server-side template injections (SSTI)
- Improved detection of default GraphQL introspection URLs.
- Carried out a heartbeat for the connections between the scanner and the AcuSensor bridge.
- A number of DeepScan updates
- Fastened a problem that might trigger blind SSRF in situation tracker and proxy settings
- Fastened 3 authorization points.
- Fastened a reminiscence exhaustion bug within the heuristic hyperlink checker
- Fastened: Malware was reported when Home windows Defender reported invalid/unknown malware
- Fastened some crashes within the scanner.
- Up to date community scans so they aren’t canceled if the preliminary ICMP ping fails.
- Fastened a bug when submitting vulnerabilities to the Jira situation tracker
- Fastened UI bug when filtering vulnerabilities by time
- Varied updates and fixes to licensing logic
Replace to the most recent model
If you’re already utilizing Acunetix construct 14.x, you can begin the automated replace from the brand new construct notification within the Acunetix UI > On web page.
If you’re utilizing Acunetix construct 13.x or earlier, you have to obtain Acunetix from here. Use your Acunetix license key to obtain and activate your product.
Get the most recent content material on net safety
in your inbox each week.