Lucene search
K

218 matches found

Debian CVE
Debian CVE
added 2024/04/12 12:53 a.m.23 views

CVE-2023-6678

Removed by vendor...

6.5CVSS5.8AI score0.00586EPSS
Exploits0
OSV
OSV
added 2024/04/12 12:53 a.m.31 views

CVE-2023-6678 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file...

4.3CVSS6.1AI score0.00586EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.3 views

PT-2024-15047 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 16.8.6 GitLab EE versions 16.9 through 16.9.3 GitLab EE versions 16.10 through 16.10.1 Description: An issue has been discovered in GitLab EE that allows an attacker to cause a denial of service using maliciously...

6.5CVSS6.6AI score0.00586EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/04/11 12:0 a.m.23 views

FreeBSD : Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6 (dad6294c-f7c1-11ee-bb77-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the dad6294c-f7c1-11ee-bb77-001b217b3468 advisory. - Gitlab reports: Stored XSS injected in diff viewer Stored XSS via autocomplete results Redos...

8.7CVSS5.4AI score0.00601EPSS
Exploits2References6
FreeBSD
FreeBSD
added 2024/04/10 12:0 a.m.28 views

Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6

Gitlab reports: Stored XSS injected in diff viewer Stored XSS via autocomplete results Redos on Integrations Chat Messages Redos During Parse Junit Test Report...

8.7CVSS6AI score0.00601EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.18 views

Fedora: Security Advisory for classloader-leak-test-framework (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.19 views

Fedora: Security Advisory for easymock (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.15 views

Fedora: Security Advisory for opentest4j (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.14 views

[SECURITY] Fedora 40 Update: truth-1.0.1-11.fc40

Truth is a library provides alternative ways to express assertions in unit tests. It can be used as a replacement for JUnit's assertions or FEST or it can be used alongside where other approaches seem more suitable...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:33 p.m.20 views

[SECURITY] Fedora 40 Update: opentest4j-1.3.0-6.fc40

Open Test Alliance for the JVM is a minimal common foundation for testing libraries on the JVM. The primary goal of the project is to enable testing frameworks like JUnit, TestNG, Spock, etc. and third-party assertion libraries like Hamcrest, AssertJ, etc. to use a common set of exceptions that...

8.8CVSS6.9AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:33 p.m.20 views

[SECURITY] Fedora 40 Update: junit-4.13.2-6.fc40

JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java. JUnit is Open Source Software, released under the Common Public License Version 1.0 and hosted on GitHub...

8.8CVSS9.1AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:33 p.m.25 views

[SECURITY] Fedora 40 Update: easymock-4.3-8.fc40

EasyMock provides Mock Objects for interfaces in JUnit tests by generating them on the fly using Java's proxy mechanism. Due to EasyMock's unique style of recording expectations, most refactorings will not affect the Mock Objects. So EasyMock is a perfect fit for Test-Driven Development...

8.8CVSS9AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:32 p.m.29 views

[SECURITY] Fedora 40 Update: classloader-leak-test-framework-2.7.0-8.fc40

Stand-alone test framework for detecting and/or verifying the existence or non-existence of Java ClassLoader leaks. It is also possible to test leak prevention mechanisms to confirm that the leak really is avoided. The framewo rk is an built upon JUnit...

8.8CVSS8.3AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:32 p.m.37 views

[SECURITY] Fedora 40 Update: assertj-core-3.24.2-8.fc40

A rich and intuitive set of strongly-typed assertions to use for unit testing either with JUnit or TestNG...

8.8CVSS9.1AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:32 p.m.40 views

[SECURITY] Fedora 40 Update: ant-antunit-1.4.1-11.fc40

This library contains tasks that enables Ant task developers to test their ta sks with Ant and without JUnit. It contains a few assertion tasks and an antunit task that runs build files instead of test classes and is modelled after the JUnit task...

8.8CVSS9AI score0.02557EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2024/02/12 10:46 a.m.6 views

jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin

A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting XSS vulnerability. This may allow an attacker to control test case class names in the JUnit resources...

5.4CVSS5.6AI score0.00699EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:38 a.m.3 views

jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin

A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting XSS vulnerability. This may allow an attacker to control test case class names in the JUnit resources...

5.4CVSS5.6AI score0.00699EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:27 a.m.13 views

jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin

A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting XSS vulnerability. This may allow an attacker to control test case class names in the JUnit resources...

5.4CVSS5.6AI score0.00699EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:26 a.m.8 views

jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin

A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting XSS vulnerability. This may allow an attacker to control test case class names in the JUnit resources...

5.4CVSS5.6AI score0.00699EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:26 a.m.71 views

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7AI score0.99999EPSS
Exploits91References39
Rows per page
Query Builder