Home
/
Documentation
/
v25.1.0 - 29 January 2025
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
29 Jan 2025

v25.1.0 - 29 January 2025

New Features

  • Clicking on the scheduled scan icon in the scan summary screen now redirects you to the Recent Scans page with a filtered view, improving navigation and access to relevant scan details
  • Implemented an integration that automatically retrieves the latest Container security results from Mend when a DAST scan is initiated

Improvements

  • Added a feature flag for enabling unlimited scan duration in On-Premise deployments
  • Fixed an issue on the 2FA page where the code text field was not automatically focused upon page load
  • Introduces a configurable retention period for HTTP log files, allowing Root users to specify the number of days before log
  • Implemented a restriction to prevent the modification of the Vulnerability Signature Type
  • Enhanced the UI to highlight the menu when API Hub specifications are linked to a scan profile, making it easier for users to identify associated profiles
  • Updated Chromium from version 121 to version 131 for enhanced performance and compatibility
  • Enhanced detection accuracy for Weak Ciphers Enabled by analyzing false positives
  • Administrators can now assign Agent Groups to Teams for greater control over agents and the teams that can use them. Learn more.

Resolved issues

  • Corrected OTP configuration attachment to personas, ensuring separate secrets and preventing shared changes
  • Resolved issue where the internal agent service stopped after being disabled in the UI. The service now remains active even when the agent is disabled from the web application
  • Resolved an issue where statistics were not displaying correctly after v24.11.0 update.
  • Updated the SharedAssemblyInfo file to reflect the correct copyright details
  • Fixed an issue where a disabled scan was inadvertently running, leading to an outage
  • Fixed a bug where users were unable to update the website name longer than 40 characters
  • Fixed an issue where the Invicti REST API did not return errors when importing an invalid definition file
  • Resolved the “Internal Server Error” encountered on the Invicti scans/report API endpoint after enabling the “Prevent any sensitive information showing within the product” setting
  • Fixed an issue where the issue state was inadvertently removed when a user, without permission to update the state, added a note to the issue
  • Fixed an issue where the "Notification Settings" hyperlink in notification emails was redirecting incorrectly
  • Resolved the issue where the Agent Verifier was encountering errors when using certificates in a Linux environment
  • Fixed an issue where duplicate tickets were being created in ServiceNow due to integration error
  • Fixed an issue where the severity trend chart was not rendering correctly on the individual website dashboard
  • Node.js v6 has reached its End of Life (EOL), and support for this version has been removed from Azure Pipelines
  • Resolved a coverage issue where the login page reappeared during scans

Notes for Verifying the Hash Value for Package Integrity in Invicti Enterprise On-Premises

The hash value for the "25.1.0.zip" file is provided below. You can verify the integrity of the file by checking its hash value using one of the methods outlined above:
Release Package Hash Value: D4ADFE2A0CBA752C87234DB3F3608D6F7DC9365CA2005684087A328991CB2F0D

Methods to Verify the Hash Value:

PowerShell (Windows):

Get-FileHash -Path "25.1.0.zip" -Algorithm SHA256Command Prompt (Windows):

certutil -hashfile "25.1.0.zip" SHA256Linux or macOS:

sha256sum "25.1.0.zip"

You can use any of the above methods to verify the hash value and ensure the integrity of the "25.1.0.zip" file.