ROOT-APP-MAVEN-CVE-2026-24400 CVE-2026-24400 in io.root.org.assertj:assertj-core - Patched by Root

Root has patched CVE-2026-24400 in the io.root.org.assertj:assertj-core package for Root:Maven. Multiple fixed versions available...

Security Bulletin: IBM Maximo Application Suite - IoT Component uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - IoT Component uses assertj-core-3.27.6.jar, minimatch-3.1.2.tgz, flask-3.1.2-py3-none-any.whl and werkzeug-3.1.5-py3-none-any.whl third party dependencies which is vulnerable to CVE-2026-24400, CVE-2026-26996, CVE-2026-27205 and CVE-2026-27199. This bulletin...

SUSE: Security Advisory (SUSE-SU-2026:20604-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : assertj-core (openSUSE-SU-2026:20298-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20298-1 advisory. Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Tenable has extracted the preceding description...

SUSE SLES16 Security Update : assertj-core (SUSE-SU-2026:20604-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20604-1 advisory. Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Tenable has extracted the precedin...

Security update for assertj-core (moderate)

openSUSE security update: security update for assertj-core ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20298-1 Rating: moderate References: bsc1257293 Cross-References: CVE-2026-24400 CVSS scores: CVE-2026-24400 SUSE : 6.1...

SUSE-SU-2026:20604-1 Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293...

OPENSUSE-SU-2026:20298-1 Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293...

Security Bulletin: Vulnerability assertj-core, spring-security-crypto, werkzeug, urllib, libsodium, jersey-client, log4j, dmidecode-dmidecode, and aide affect IBM Cloud Object Storage Systems (FEB 2026)

Summary Vulnerability with assertj-core-3.27.3 CVE-2026-24400 , spring-security-crypto-6.4.4 CVE-2025-22234 , werkzeug-3.1.3-py3 CVE-2026-21860,CVE-2025-66221 , urllib3-2.5.0-py3CVE-2025-66418,CVE-2025-66471, CVE-2026-21441 , libsodiumCVE-2025-69277 jersey-client-2.25.1CVE-2025-12383 ,...

XML External Entity (XXE)

org.assertj, assertj-core is vulnerable to XML External Entity XXE. The vulnerability is due to the DocumentBuilderFactory in org.assertj.core.util.xml.XmlStringPrettyFormatter.toXmlDocumentString being initialized with default settings without disabling DTDs or external entities, which allows an...

openSUSE Security Advisory (SUSE-SU-2026:0344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : assertj-core (SUSE-SU-2026:0344-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0344-1 advisory. Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Tenable has extracted the preceding description bloc...

Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:0344-1 Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293...

assertj-core-3.27.7-1.1 on GA media (moderate)

assertj-core-3.27.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:10106-1 Rating: moderate Cross-References: CVE-2026-24400 CVSS scores: CVE-2026-24400 SUSE : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L CVE-2026-24400 SUSE : 6.9...

OPENSUSE-SU-2026:10106-1 assertj-core-3.27.7-1.1 on GA media

These are all security issues fixed in the assertj-core-3.27.7-1.1 package on the GA media of openSUSE Tumbleweed...

africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +7515 more potentially affected by CVE-2026-24400 via org.assertj:assertj-core (>=1.4.0 <=3.27.6)

org.assertj:assertj-core MAVEN version =1.4.0, =1.0.0, =0.1.0, =0.1.0, =0.0.62, =0.7.0, =0.0.10, =0.0.6, =0.8.38, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =26.3.1 and more Source cves: CVE-2026-24400 Source advisory: OSV:GHSA-RQFH-9R24-8C9R...

africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +7515 more potentially affected by CVE-2026-24400 via org.assertj:assertj-core (>=1.4.0 <=3.27.6)

org.assertj:assertj-core MAVEN version =1.4.0, =1.0.0, =0.1.0, =0.1.0, =0.0.62, =0.7.0, =0.0.10, =0.0.6, =0.8.38, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =26.3.1 and more Source cves: CVE-2026-24400 Source advisory: SNYK:JAVA-ORGASSERTJ-15102413...

openSUSE: Security Advisory for Java (SUSE-SU-2024:1874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:1874-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...