v25.4.0 - 8 April 2025

This update includes changes to the internal agents. The internal scan agent’s current version is 25.4.0. The internal authentication verifier agent’s current version is 25.4.0.

New feature

• Added an option to prevent reopening Issue Tracker issues when a vulnerability is marked as False Positive and later revived (Read more).

Improvements

• Requests with empty or default values are not sent to DeepInfo
• Introduced a new setting under the Account General settings, within the Data Privacy and Security section, to modify the X-AMZ-Expires parameter while downloading the scan data
• Enhanced the "Configure New Agent" page to include additional details for auth verifier agents (Read more)
• Updated remediation details for outdated AngularJS versions
• [BREAKING CHANGE]: Updated the Docker agent's compression method and file extension; ensure any automation or scripts referencing the old format are updated accordingly.

Resolved issues

• Fixed an issue where the Issue note field could not be updated
• Fixed inefficient algorithmic complexity in DotNet IAST Sensor
• Resolved the issue where an invalid character response occurred when attempting to add a user
• Resolved the "Invalid Target URI" error that occurred when editing the Target URI to end with multiple slashes (///) on the new scan page
• Resolved the issue where the scan profile was not updating with the support account
• Fixed restrictions for JIRA integration
• Fixed an issue where pressing "Enter" instead of clicking the "Check" button during password verification triggered a full scan instead of the intended login verification
• Updated Chromium and Node.js versions, resolving Chromium-related issues, including the unexpected increase in Chromium count.
• Exclude URL rules now function correctly even when the excluded URL is the target
• Fixed an issue with retrieving OAuth2 token data from JSON responses