53 matches found
Security update for assertj-core
This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:0344-1 Security update for assertj-core
This update for assertj-core fixes the following issues: Upgrade to version 3.27.7: - CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion bsc1257293...
assertj-core-3.27.7-1.1 on GA media (moderate)
assertj-core-3.27.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:10106-1 Rating: moderate Cross-References: CVE-2026-24400 CVSS scores: CVE-2026-24400 SUSE : 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L CVE-2026-24400 SUSE : 6.9...
SUSE CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
OPENSUSE-SU-2026:10106-1 assertj-core-3.27.7-1.1 on GA media
These are all security issues fixed in the assertj-core-3.27.7-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-24400
A flaw was found in AssertJ. An XML External Entity XXE vulnerability exists in the XmlStringPrettyFormatter component, which is used by the isXmlEqualToCharSequence assertion. If an application processes untrusted XML input using these methods, a remote attacker could exploit this flaw to read...
Linux Distros Unpatched Vulnerability : CVE-2026-24400
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External...
CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
AZL-75431 CVE-2026-24400 affecting package javapackages-bootstrap for versions less than 1.14.0-4
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
DEBIAN-CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
UBUNTU-CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
EUVD-2026-4724
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
CVE-2026-24400 AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
CVE-2026-24400
CVE-2026-24400 affects AssertJ: up to 3.27.7 contains an XXE risk in XmlStringPrettyFormatter.toXmlDocument(String) used by isXmlEqualTo(CharSequence) and xmlPrettyFormat(String). Versions before 3.27.7 are vulnerable if untrusted XML is processed, potentially enabling local file disclosure (file...
CVE-2026-24400 AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +7515 more potentially affected by CVE-2026-24400 via org.assertj:assertj-core (>=1.4.0 <=3.27.6)
org.assertj:assertj-core MAVEN version =1.4.0, =1.0.0, =0.1.0, =0.1.0, =0.0.62, =0.7.0, =0.0.10, =0.0.6, =0.8.38, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =26.3.1 and more Source cves: CVE-2026-24400 Source advisory: OSV:GHSA-RQFH-9R24-8C9R...
africa.absa:inception-test (>=1.0.0 <=1.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +7515 more potentially affected by CVE-2026-24400 via org.assertj:assertj-core (>=1.4.0 <=3.27.6)
org.assertj:assertj-core MAVEN version =1.4.0, =1.0.0, =0.1.0, =0.1.0, =0.0.62, =0.7.0, =0.0.10, =0.0.6, =0.8.38, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =20.3.3, =26.3.1 and more Source cves: CVE-2026-24400 Source advisory: SNYK:JAVA-ORGASSERTJ-15102413...
GHSA-RQFH-9R24-8C9R AssertJ has XML External Entity (XXE) vulnerability when parsing untrusted XML via isXmlEqualTo assertion
An XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes DocumentBuilderFactory with default settings, without disabling DTDs or external entities. This formatter is used by the isXmlEqualToCharSequence...