218 matches found
Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.
...
io.jenkins.plugins:junit-sql-storage (>=322.ve33b_238fb_757 <=324.v90e2a_a_a_a_0dd7) potentially affected by CVE-2025-58460 via io.jenkins.plugins:opentelemetry (=3.1215.vc9db_a_0b_34c2a_)
io.jenkins.plugins:opentelemetry MAVEN version =3.1215.vc9dba0b34c2a is affected by a known vulnerability. The following packages have a transitive dependency on io.jenkins.plugins:opentelemetry and may be impacted: - io.jenkins.plugins:junit-sql-storage =322.ve33b238fb757, =324.v90e2aaaa0dd7...
io.jenkins.plugins:junit-sql-storage (>=322.ve33b_238fb_757 <=324.v90e2a_a_a_a_0dd7) potentially affected by CVE-2025-58460 via io.jenkins.plugins:opentelemetry (=3.1215.vc9db_a_0b_34c2a_)
io.jenkins.plugins:opentelemetry MAVEN version =3.1215.vc9dba0b34c2a is affected by a known vulnerability. The following packages have a transitive dependency on io.jenkins.plugins:opentelemetry and may be impacted: - io.jenkins.plugins:junit-sql-storage =322.ve33b238fb757, =324.v90e2aaaa0dd7...
Linux Distros Unpatched Vulnerability : CVE-2025-53103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git...
Malicious code in wdio-junit-reporter-file (npm)
The package wdio-junit-reporter-file was found to contain malicious code...
MAL-2025-38952 Malicious code in wdio-junit-reporter-file (npm)
The package wdio-junit-reporter-file was found to contain malicious code...
javapackages-tools:201801 security update
An update is available for assertj-core, byaccj, maven-resolver, qdox, module.sonatype-plugins-parent, maven-shade-plugin, module.glassfish-jsp-api, module.exec-maven-plugin, plexus-sec-dispatcher, module.geronimo-annotation, module.atinject, module.xmlunit, glassfish-el, powermock,...
This Week in Spring - July 8th, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring! I write this having spent a wonderful week in paradise Bora Bora, French Polynesia, to be precise with my partner Tam Mie. We were so very sad to have to say goodbye. But that means I'm officially back at my desk, with nary a...
junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...
GHSA-M43G-M425-P68X junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103
The CVE-2025-53103 issue affects JUnit (Open Test Reporting) where OpenTestReportGeneratingListener can leak Git credentials when writing Open Test Reporting XML files. Vulnerable versions are 5.12.0–5.13.1; patch is 5.13.2. Impact depends on the access level of exposed tokens; if test reports ar...
Cleartext Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the reporting process. An attacker can gain unauthorized access to sensitive information by exploiting the exposure of Git credentials during report generation. Note: - The versions 5.12.0-M...
app.getxray:xray-junit-extensions (=0.10.0), com.android.tools.screenshot:screenshot-validation-junit-engine (>=0.0.1-alpha11 <=0.0.1-alpha15) +23 more potentially affected by CVE-2025-53103 via org.junit.platform:junit-platform-reporting (>=1.12.0-M1 <=1.13.1)
org.junit.platform:junit-platform-reporting MAVEN version =1.12.0-M1, =0.0.1-alpha11, =5.2.0, =4.0.24, =1.12.0, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.4, =0.103.1, =0.103.1, =0.103.1, =0.104.2 - org.projectnessie.nessie:nessie-versioned-storage-common-tests...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
JUnit 安全漏洞
JUnit is a testing framework for the Java language from the JUnit open source. A security vulnerability exists in JUnit versions 5.12.0 through 5.13.1, which stems from an Open Test Reporting XML file that may disclose Git credentials...
PT-2025-27572 · Junit · Junit
Name of the Vulnerable Software and Affected Versions: JUnit versions 5.12.0 through 5.13.1 Description: The issue concerns JUnit's support for writing Open Test Reporting XML files, which can leak Git credentials. The impact depends on the level of the access token exposed through the...