zaproxy
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Integrated penetration testing tool for finding vulnerabilities in web applications |
| Version | 2.15.0-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2626 | 2.11.1-1 | 2.11.1-2 | Critical | Fixed | FS#72975 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-44228 | AVG-2626 | Critical | Yes | Arbitrary code execution | Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI... |