Lucent Sky AVM 3.9 release information

2018/12/26 |

This article includes a list the new features and bug fixes that are included in Lucent Sky AVM 3.9, as well as known issues of this release.

For more information about this release, visit the blog post Lucent Sky AVM 3.9 released.

New features and updates included in Lucent Sky AVM 3.9

  • Preview of third generation mitigation engine - The third generation mitigation engine is expected to expand the types of vulnerabilities that can be automatically remediated and enhance the accuracy and precision of the remediation, while increasing the performance and memory management when mitigating applications with a large number of vulnerabilities. To use the third generation mitigation engine, Include mitigation,preview in scan arguments.

  • Improvements on the current mitigation engine - The current mitigation engine also received several enhancements and bug fixes to improve the mitigation efficiency.

  • Improvements on CLEAR Engine network stack - The network stack was rewritten to improve transport efficiency. The improvement is most noticeable when uploading and downloading data that is more than a few hundred megabytes.

  • Updates and bug fixes on Web UI and IDE plug-ins - The Web UI and IDE plug-ins for Visual Studio and Eclipse were updated. The updates were mostly to customer-reported bugs, such as the user is unable to sign-in with the Visual Studio Extension after applying Visual Studio 2015 Update 3.

List of fixes included in Lucent Sky AVM 3.9

No fix is included in Lucent Sky AVM 3.9.

Known issues of Lucent Sky AVM 3.9

Identifying some CWE-601 (Open Redirect) vulnerabilities in Java applications

When scanning a Java application using the built-in rule package, some CWE-601 (Open Redirect) vulnerabilities might not be identified. This is due to a misconfiguration in the built-in rule package.

This issue is present in Lucent Sky AVM 3.8 - 3.9, and has been resolved in Lucent Sky AVM 3.9.1.