Zed Attack Proxy
1 CVEs
product
Monthly
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Information Disclosure
Zed Attack Proxy
NVD
GitHub
CVSS 3.1
4.0
EPSS
0.7%
CVE-2022-27820
Maven
EPSS 1%
CVSS 4.0
MEDIUM
This Month
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Information Disclosure
Zed Attack Proxy
NVD
GitHub