v24.9.0 - 10 September 2024

New Security Checks

• Added detection for Jenkins Secret as a Sensitive Data Exposure

Improvements

• API Discovery: changes to the setup configuration for the Invicti Network Traffic Analyzer

Fixes

• Fixed an error that was occurring when editing Report Policies
• Fixed the WMI spiking issue that was causing CPU 100% problems
• API Discovery: in certain cases, discovered APIs from Apigee were not properly shown
• Fixed the issue where the ServiceNow Integration fields were not loading while editing the integration
• Fixed the issue where clicking the clone button in the Jira integration incorrectly redirected to the create new integration page
• Fixed Chromium related issues in the agent
• Corrected the description of the "api/1.0/scans/test-scan-profile-credentials" endpoint
• Fixed the error when selecting a custom time period in the Dashboard Date Range
• Fixed the issue where temp folders could not be deleted and Chromium instances remained open when Puppeteer encountered an error
• Fixed the display issue on the Scan Summary page
• Fixed the false positive on detection of "Stack Trace Disclosure (Java)"
• Fixed a scan authentication issue and reduced latency
• Fixed the issue that was preventing the download of detailed PCI reports
• Fixed an issue related to the Moment.js regex
• Updated the OpenSSL configuration on the Cloud AMI
• Fixed the disk space issue in the Invicti Common folder
• Fixed the automatic syncing of issues with Jira integrations
• Fixed the issue where scans were failing due to a TLS connection not being established
• Fixed the OIDC authentication issue
• Fixed the issue where the REST API endpoint returned HTTP 400 instead of HTTP 200 when sending custom values
• Fixed the issue preventing proper login to the target URL