zaproxy

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Integrated penetration testing tool for finding vulnerabilities in web applications
Version 2.11.1-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-2626 2.11.0-1 Critical Vulnerable FS#72975
Issue Group Severity Remote Type Description
CVE-2021-44228 AVG-2626 Critical Yes Arbitrary code execution
Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI...