218 matches found
ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14), ai.tripl:arc-kafka-pipeline-plugin_2.11 (>=1.0.0 <=1.4.0) +224 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.11 (>=2.0.0 <=2.4.1)
org.apache.kafka:kafka_2.11 MAVEN version =2.0.0, =0.0.13, =1.0.0, =1.14.0, =2.8.0, =3.0.0-M1 - com.daasyyds.presto:daasyyds-hive-connector-patch =0.276.1-202209.1 and more Source cves: CVE-2025-27819 Source advisory: OSV:GHSA-MCWH-C9PG-XW43...
CVE-2023-40342
Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents...
CVE-2023-6678
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...
Information disclosure in JUnit4
...
CVE-2020-15250 affecting package junit for versions less than 4.13-7
CVE-2020-15250 affecting package junit for versions less than 4.13-7. A patched version of the package is available...
CVE-2022-34176 affecting package junit 4.13-5
CVE-2022-34176 affecting package junit 4.13-5. This CVE either no longer is or was never applicable...
CVE-2022-45380 affecting package junit 4.13-5
CVE-2022-45380 affecting package junit 4.13-5. This CVE either no longer is or was never applicable...
CVE-2023-25761 affecting package junit 4.13-5
CVE-2023-25761 affecting package junit 4.13-5. This CVE either no longer is or was never applicable...
de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=3.0.1-25.0 <=4.0.5-25.0), org.keycloak:keycloak-guides (>=25.0.0 <=25.0.6) +4 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=25.0.0 <=25.0.6)
org.keycloak:keycloak-quarkus-server MAVEN version =25.0.0, =3.0.1-25.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.6 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...
de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=2.5.6-24.0 <=2.7.4-24.0), org.keycloak:keycloak-guides (>=24.0.0 <=24.0.5) +4 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=24.0.0 <=24.0.5)
org.keycloak:keycloak-quarkus-server MAVEN version =24.0.0, =2.5.6-24.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.5 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...
TestRail CLI FieldsParser eval Injection
This is not a very exciting vulnerability, but I had already publicly disclosed it on GitHub at the request of the vendor. Since that report has disappeared, the link I had provided to MITRE was invalid, so here it is again. -Devin --- Unsafe eval in TestRail CLI FieldsParser Date Reported:...
OPENSUSE-SU-2024:11676-1 junit-4.13.2-1.1 on GA media
These are all security issues fixed in the junit-4.13.2-1.1 package on the GA media of openSUSE Tumbleweed...
RHEL 8 : junit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - junit4: TemporaryFolder is shared between all users across system which could result in information disclosure...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3195)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3195 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : Red Hat Product OCP Tools 4.11 Openshift Jenkins (RHSA-2023:6171)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6171 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
GitLab 0 < 16.8.6 / 16.9 < 16.9.4 / 16.10 < 16.10.2 (CVE-2023-6678)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an...
SUSE-SU-2024:1304-1 Security update for eclipse, maven-surefire, tycho
This update for eclipse, maven-surefire, tycho fixes the following issues: eclipse received the following security fix: - CVE-2023-4218: Fixed a bug where parsing files with xml content leads to XXE attacks. bsc1216992 maven-surefire was updated from version 2.22.0 to 2.22.2: - Changes in version...
BIT-GITLAB-2023-6678 Inefficient Regular Expression Complexity in GitLab
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...
CVE-2023-6678
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...