Skip to content

v10.0.1

Compare
Choose a tag to compare
@princechaddha princechaddha released this 30 Sep 15:25
· 1817 commits to main since this release

What's Changed

🔥 Release Highlights 🔥


Bug Fixes

  • Resolved unresolved variables found: FQDN (#10349).

False Negatives

  • Improve detection and reduce false negatives for CVE-2024-47176 (Issue #10864).

False Positives

Enhancements

  • Added regex extractor for user-agent of HTTP request to identify vulnerable devices in CVE-2024-47176.yaml (#10864).
  • Updated severity in apple-cups-exposure.yaml (#10857).
  • Severity update for jwk-json-leak.yaml (#10840).
  • Added nacos configuration leak detection (#10825).
  • Refactored the "git-repository-browser" template (#10801).
  • Moved http/cves/CVE-2024-45507.yaml to http/cves/2024/CVE-2024-45507.yaml (#10785).
  • Refactored the "kubelet-metrics" template (#10765).
  • Refactored the "GITEA" template (#10752).
  • Optimized templates due to Nuclei changes and added new templates (Issue #10285).
  • Deleted http/fuzzing/valid-gmail-check.yaml as the Gmail API is no longer active (#10865).

Template Updates

New Templates Added: 86 | CVEs Added: 41 | First-time contributions: 2

New Contributors

Full Changelog: v10.0.0...v10.0.1