v10.0.3

@princechaddha released this 01 Nov 13:55
· 656 commits to main since this release

What's Changed

🔥 Release Highlights 🔥


Bug Fixes

  • Resolved issue with time-based SQL injection flow (Issue #11029).
  • Corrected detection for CVE-2016-9299 (Issue #11121).
  • Fixed false positive for appspec-yml-disclosure.yaml template (Issue #11112).
  • Refactored "Django Admin Panel" template (Issue #11044).
  • Improved prototype pollution checks to prevent insecure sanitization bypass (Issue #10589).

False Negatives

False Positives

  • Reduced false positives in weaver-checkserver-sqli template (Issue #11123).

Enhancements

  • Added templates for AWS services: EFS, Inspector2, GuardDuty, Firehose, DMS, EBS, ElastiCache, Route53, and RDS.
  • Introduced time-based tags for improved classification (Issue #11006).

Template Updates

New Templates Added: 116 | CVEs Added: 52 | First-time contributions: 7

New Contributors

Full Changelog: v10.0.2...v10.0.3