Add alerts from docker API scripts by psiinon · Pull Request #3649 · zaproxy/zaproxy-website

psiinon · 2026-03-09T15:08:00Z

https://github.com/zaproxy/zaproxy/tree/main/docker/scripts/scripts/httpsender

psiinon · 2026-03-09T15:20:34Z

Checkmarx One – Scan Summary & Details – 17430c08-73b6-44f9-8db0-0ca54e7520b0

New Issues (4)

Checkmarx found the following issues in this Pull Request

#	Issue	Source File / Package	Checkmarx Insight
1	CVE-2026-26996	Npm-minimatch-3.1.2	details Recommended version: 3.1.4 Description: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions prior to 3.1.3, 4.0.0 prior to 4.2... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
2	CVE-2026-27903	Npm-minimatch-3.1.2	details Recommended version: 3.1.4 Description: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. All versions starting from 3.0.0 and prior ... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
3	CVE-2026-27904	Npm-minimatch-3.1.2	details Recommended version: 3.1.4 Description: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. All versions starting from 3.0.0 and prior ... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
4	Cxf5fb15b0-6576	Npm-serialize-javascript-6.0.2	details Recommended version: 7.0.3 Description: serialize-javascript through 7.0.2 contains a code injection vulnerability due to improper escaping of "RegExp.flags" during serialization. Althoug... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR

kingthorin · 2026-03-10T15:23:05Z

Update based on: zaproxy/zaproxy#9275 ?

psiinon · 2026-03-10T17:53:18Z

Yeah, will do 😁

psiinon · 2026-03-11T12:07:35Z

Updated

https://github.com/zaproxy/zaproxy/tree/main/docker/scripts/scripts/httpsender Signed-off-by: Simon Bennetts <psiinon@gmail.com>

thc202 · 2026-03-11T15:08:39Z

Thank you!

psiinon force-pushed the alerts-docker-scripts branch from 2f1fdca to cb7cbfc Compare March 11, 2026 12:06

kingthorin reviewed Mar 11, 2026

View reviewed changes

Comment thread site/content/docs/alerts/100001.md Outdated

psiinon force-pushed the alerts-docker-scripts branch from cb7cbfc to d2bce9e Compare March 11, 2026 14:31

Add alerts from docker API scripts

fbb85a0

https://github.com/zaproxy/zaproxy/tree/main/docker/scripts/scripts/httpsender Signed-off-by: Simon Bennetts <psiinon@gmail.com>

psiinon force-pushed the alerts-docker-scripts branch from d2bce9e to fbb85a0 Compare March 11, 2026 14:32

kingthorin approved these changes Mar 11, 2026

View reviewed changes

thc202 approved these changes Mar 11, 2026

View reviewed changes

thc202 merged commit df88ff4 into zaproxy:main Mar 11, 2026
3 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add alerts from docker API scripts#3649

Add alerts from docker API scripts#3649
thc202 merged 1 commit intozaproxy:mainfrom
psiinon:alerts-docker-scripts

psiinon commented Mar 9, 2026

Uh oh!

psiinon commented Mar 9, 2026 •

edited

Loading

Uh oh!

kingthorin commented Mar 10, 2026

Uh oh!

psiinon commented Mar 10, 2026

Uh oh!

psiinon commented Mar 11, 2026

Uh oh!

Uh oh!

Uh oh!

thc202 commented Mar 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants

Conversation

psiinon commented Mar 9, 2026

Uh oh!

psiinon commented Mar 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

kingthorin commented Mar 10, 2026

Uh oh!

psiinon commented Mar 10, 2026

Uh oh!

psiinon commented Mar 11, 2026

Uh oh!

Uh oh!

Uh oh!

thc202 commented Mar 11, 2026

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants

psiinon commented Mar 9, 2026 •

edited

Loading