32 matches found
EUVD-2025-19655
Malicious code in bioql PyPI...
Information Exposure
org.junit.platform, junit-platform-reporting is vulnerable to information exposure. The vulnerability is due to a flaw in the OpenTestReportGeneratingListener leaking Git credentials in generated Open Test Reporting XML files, which allows an attacker to steal exposed tokens from publicly...
SUSE CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
GHSA-M43G-M425-P68X junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
UBUNTU-CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103
The CVE-2025-53103 issue affects JUnit (Open Test Reporting) where OpenTestReportGeneratingListener can leak Git credentials when writing Open Test Reporting XML files. Vulnerable versions are 5.12.0–5.13.1; patch is 5.13.2. Impact depends on the access level of exposed tokens; if test reports ar...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
JUnit 安全漏洞
JUnit is a testing framework for the Java language from the JUnit open source. A security vulnerability exists in JUnit versions 5.12.0 through 5.13.1, which stems from an Open Test Reporting XML file that may disclose Git credentials...
PT-2025-27572 · Junit · Junit
Name of the Vulnerable Software and Affected Versions: JUnit versions 5.12.0 through 5.13.1 Description: The issue concerns JUnit's support for writing Open Test Reporting XML files, which can leak Git credentials. The impact depends on the level of the access token exposed through the...
CVE-2022-41244
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
CVE-2025-27413
Summary of CVE-2025-27413 (PwnDoc) : Prior to version 1.2.0, PwnDoc’s backup restore functionality accepts raw data containing Path Traversal sequences (../). The template update process uses the database path to write content, which can overwrite source code and enable Remote Code Execution (RCE...
Missing hostname validation in Jenkins View26 Test-Reporting Plugin
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
GHSA-PXP5-G66H-WPV2 Missing hostname validation in Jenkins View26 Test-Reporting Plugin
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
CVE-2022-41244
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
CVE-2022-41244
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
Input validation
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...
CVE-2022-41244
Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections...