junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener

Summary This vulnerability affects JUnit's support for writing Open Test Reporting XML files which is an opt-in feature of junit-platform-reporting. If a repository is cloned using a GitHub token or other credentials in its URL, for example: bash git clone...

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the reporting process. An attacker can gain unauthorized access to sensitive information by exploiting the exposure of Git credentials during report generation. Note: - The versions 5.12.0-M...

app.getxray:xray-junit-extensions (=0.10.0), com.android.tools.screenshot:screenshot-validation-junit-engine (>=0.0.1-alpha11 <=0.0.1-alpha14) +23 more potentially affected by CVE-2025-53103 via org.junit.platform:junit-platform-reporting (>=1.12.0-M1 <=1.13.1)

org.junit.platform:junit-platform-reporting MAVEN version =1.12.0-M1, =0.0.1-alpha11, =5.2.0, =4.0.24, =1.12.0, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.4, =0.103.1, =0.103.1, =0.103.1, =0.104.2 - org.projectnessie.nessie:nessie-versioned-storage-common-tests...