QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components, CVE-2017-5929 Detail.
OWASP DeepViolet has been included and available in OWASP ZAP for awhile now as an additional add-on component. Briefly the background is that DeepViolet is a TLS/SSL scanning API and set of tools. OWASP ZAP is a Flagship application security scanner and includes some DeepViolet features for it’s TLS/SSL scanning. I decided to post this blog update since it was not clear to me how to use this scanning with ZAP. The following is a short post about how to install and use HttpsInfo(a.k.a DeepViolet) within your ZAP scanning projects.
DeepViolet Beta 5.0.2 pre-release. Working thru features/fixes supporting @zaproxy team. #tls #appsec #INFOSEC https://github.com/spoofzu/DeepViolet/releases