org.zaproxy:zap@2.16.0 vulnerabilities

latest version

2.16.1

first published

8 years ago

latest version published

4 months ago

licenses detected

Apache-2.0
[2.5.0,)

package registry

View on Maven Central Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.zaproxy:zap package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Improper Certificate Validation org.zaproxy:zap is a testing tool for finding vulnerabilities in web applications. Affected versions of this package are vulnerable to Improper Certificate Validation by not verifying the TLS certificate chain of an HTTPS server it connects to, allowing expired or self-signed certificates to pass as valid. How to fix Improper Certificate Validation? There is no fixed version for `org.zaproxy:zap`.	[0,)

Improper Certificate Validation

org.zaproxy:zap is a testing tool for finding vulnerabilities in web applications.

Affected versions of this package are vulnerable to Improper Certificate Validation by not verifying the TLS certificate chain of an HTTPS server it connects to, allowing expired or self-signed certificates to pass as valid.

How to fix Improper Certificate Validation?

There is no fixed version for org.zaproxy:zap.

[0,)

Go back to all versions of this package