Mon 01 July 2024
This update introduces bug fixes, detection improvements, and attack surface enhancements to provide a more seamless user experience.
π‘οΈ Scanning
- Show source code for the detected vulnerabilities in the vulnerability details page.
Source code for detected vulnerabilities
π οΈ Remediation
- Customized the weekly email for attack surface auditors to only contain their data.
The weekly email for attack surface auditors
πΈοΈ Attack Surface & Inventory
- Added autocomplete for tags in assets.
Autocomplete for tags in asset - Enabled filtering of assets by ownership type.
Filter the assets by the ownership type
π¦ Detection
- Added detection for
CVE-2022-24816: A remote code execution vulnerability in the JT-JIFFLE extension of Geoserver allows remote attackers to execute arbitrary code. - Added detection for
CVE-2024-34470: An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.
π Bug Fixes
- Fixed the search function with inputs that included a schema.
Searching scans using a specific schema - Fixed the iOS search issue when searching for common apps like Facebook.
Searching for common apps like Facebook - Fixed the issue where excluded values were still appearing in the graph during PDF generation.
We do newsletters, too
Get the latest news, updates, and product innovations from Ostorlab right in your inbox.