Security Bulletin: IBM Operator for Apache Flink is affected by a vulnerability in AssertJ library (CVE-2026-24400)

Summary This security vulnerability in the AssertJ library used within IBM Event Processing could allow an attacker to exploit specially crafted XML input to cause local file disclosure, server-side request forgery SSRF, or denial of service in Java-based components running on the Apache Flink...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in AssertJ (CVE-2026-24400)

Summary A vulnerability in AssertJ that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-24400 DESCRIPTION: AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an X...

SUSE: Security Advisory (SUSE-SU-2026:20604-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES16 Security Update : assertj-core (SUSE-SU-2026:20604-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20604-1 advisory. Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Tenable has extracted the precedin...

Security update for assertj-core (moderate)

openSUSE security update: security update for assertj-core ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20298-1 Rating: moderate References: bsc1257293 Cross-References: CVE-2026-24400 CVSS scores: CVE-2026-24400 SUSE : 6.1...

OPENSUSE-SU-2026:20298-1 Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293...

CVE-2026-24400 affecting package javapackages-bootstrap for versions less than 1.14.0-4

CVE-2026-24400 affecting package javapackages-bootstrap for versions less than 1.14.0-4. A patched version of the package is available...

openSUSE 15 Security Update : assertj-core (SUSE-SU-2026:0344-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0344-1 advisory. Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Tenable has extracted the preceding description bloc...

Security update for assertj-core

This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVE-2026-24400

AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...

DEBIAN-CVE-2026-24400

AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...

africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +7555 more potentially affected by CVE-2026-24400 via org.assertj:assertj-core (>=1.4.0 <=3.27.6)

org.assertj:assertj-core MAVEN version =1.4.0, =1.0.0, =0.1.0, =0.1.0, =0.0.62, =0.7.0, =0.0.10, =0.0.6, =0.8.38, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =26.3.2 and more Source cves: CVE-2026-24400 Source advisory: OSV:GHSA-RQFH-9R24-8C9R...