Skip to content

Update codebase to ZAP 2.17 #6940

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update codebase to ZAP 2.17 #6940

wants to merge 1 commit into from

Conversation

@thc202
Copy link
Member

@thc202 thc202 commented Nov 24, 2025

Change all add-ons and testutils to use 2.17 (SNAPSHOT).
Update code accordingly (e.g. address deprecations).

@thc202
Update codebase to ZAP 2.17
123edd5 
Change all add-ons and `testutils` to use 2.17 (SNAPSHOT).
Update code accordingly (e.g. address deprecations).

Signed-off-by: thc202 <thc202@gmail.com>
@thc202 thc202 marked this pull request as ready for review November 24, 2025 17:23
@psiinon
Copy link
Member

psiinon commented Nov 24, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsf0dda3c3-8e4f-48a2-b643-2e1f98879377

New Issues (2)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2014-0114 Maven-commons-beanutils:commons-beanutils-1.8.0
detailsRecommended version: 1.11.0
Description: Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring com...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: CC6BcqcYdldN9kXN%2B35y60yCYdi93wxUcFeY9JIurZA%3D
Vulnerable Package
LOW Heap_Inspection /addOns/authhelper/src/main/java/org/zaproxy/addon/authhelper/internal/db/TableJdo.java: 55
detailsMethod at line 55 of /addOns/authhelper/src/main/java/org/zaproxy/addon/authhelper/internal/db/TableJdo.java defines password, which is designate...
ID: KxysRv0IS5Hg%2BqCCqmZawDvdZ0k%3D
Attack Vector
Fixed Issues (2)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
MEDIUM CVE-2022-27820 Maven-org.zaproxy:zap-2.16.0
LOW Heap_Inspection /addOns/authhelper/src/main/java/org/zaproxy/addon/authhelper/internal/db/TableJdo.java: 79

Use @Checkmarx to reach out to us for assistance.

Just send a PR comment with @Checkmarx followed by a natural language request.

Examples: @Checkmarx how are you able to help me? @Checkmarx rescan this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kingthorin kingthorin kingthorin approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@thc202 @psiinon @kingthorin