gitlab-org/security-products/dast v3.0.1

on GitLab

Changes

• Upgrade Browserker to version 0.0.78 (!601)
• Upgrade vulnerability checks to version 1.0.18 browserker!618
  • Update 16.1, 16.2, 16.3, 16.4, 16.5, 16.6, and 693.1 to require exact header names dast-cwe-checks!106
  • Updates 16.2 to be more restrictive on version matching dast-cwe-checks!107
  • Remove unnecessary has_authentication_cookie requirement from check 614.1 dast-cwe-checks!105
  • Remove unnecessary has_authentication_cookie requirement from check 1004.1 dast-cwe-checks!105
  • Update 352.1 uniqueness template so that findings will be created for each request_path and request_method dast-cwe-checks!108
  • Update 359.1 and 359.2 to bring inline with GitLab documentation guidelines dast-cwe-checks!110
• Fix stability issues by caching resources when the entire HTTP message is parsed browserker!621
• Upgrade vulnerability checks to version 1.0.19 browserker!620
  • Update 359.1 and 359.2 uniqueness template so that findings will be created for each request_method dast-cwe-checks!112
• Replace ZAP rule 10010 with 1004.1 in browser based scan (!588)

Docker Images

• registry.gitlab.com/security-products/dast:3.0.1