81 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-53103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git...
Information Exposure
org.junit.platform, junit-platform-reporting is vulnerable to information exposure. The vulnerability is due to a flaw in the OpenTestReportGeneratingListener leaking Git credentials in generated Open Test Reporting XML files, which allows an attacker to steal exposed tokens from publicly...
SUSE CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...
GHSA-M43G-M425-P68X junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener
Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
UBUNTU-CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103
The CVE-2025-53103 issue affects JUnit (Open Test Reporting) where OpenTestReportGeneratingListener can leak Git credentials when writing Open Test Reporting XML files. Vulnerable versions are 5.12.0–5.13.1; patch is 5.13.2. Impact depends on the access level of exposed tokens; if test reports ar...
Cleartext Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the reporting process. An attacker can gain unauthorized access to sensitive information by exploiting the exposure of Git credentials during report generation. Note: - The versions 5.12.0-M...
CVE-2025-53103
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
CVE-2025-53103 JUnit OpenTestReportGeneratingListener can leak Git credentials
JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...
JUnit 安全漏洞
JUnit is a testing framework for the Java language from the JUnit open source. A security vulnerability exists in JUnit versions 5.12.0 through 5.13.1, which stems from an Open Test Reporting XML file that may disclose Git credentials...
CVE-2020-13353
When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above...
CVE-2019-11549
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly has allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors...
DEBIAN-CVE-2024-50349
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt i.e. without using any credential helper, it prints out the host name for whic...
CVE-2024-50349 Git does not sanitize URLs when asking for credentials interactively
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt i.e. without using any credential helper, it prints out the host name for whic...
GO-2024-3265 Git credentials are exposed in Atlantis logs in github.com/runatlantis/atlantis
Git credentials are exposed in Atlantis logs in github.com/runatlantis/atlantis...
Sensitive Information Disclosure
io.quarkus, quarkus-kubernetes-deployment is vulnerable to Git Credentials Disclosure. The vulnerability due to a flaw in the continuous integration CI configuration, leading to the inadvertent publication of git credentials to the metadata annotation...
In Quarkus, git credentials could be inadvertently published
A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk...