70 matches found
MGASA-2023-0220 Updated testng packages fix security vulnerability
Path traversal in zip files CVE-2022-4065...
Cross-Site Scripting (XSS)
Jenkins TestNG Results Plugin is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to lack of escaping of values that are parsed from TestNG report files which allows an attacker to inject and execute arbitrary JavaScript...
GHSA-H3HG-R97V-5R9W Jenkins TestNG Results Plugin Stored Cross-site Scripting vulnerability
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin’s test information pages. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a...
Jenkins TestNG Results Plugin Stored Cross-site Scripting vulnerability
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin’s test information pages. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a...
CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
Cross site scripting
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
CVE-2023-32984
CVE-2023-32984 affects the Jenkins TestNG Results Plugin (730.v4c5283037693 and earlier). The vulnerability is a stored XSS caused by insufficient escaping of values parsed from TestNG report files, which are displayed on the plugin’s test information pages. Exploitation requires an attacker to s...
CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
CVE-2023-32984
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted...
Jenkins Plugin TestNG Results 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
SUSE: Security Advisory (SUSE-SU-2023:1690-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : testng (SUSE-SU-2023:1690-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1690-1 advisory. - CVE-2022-4065: Fixed a path traversal in zip files bsc1205628. Tenable has extracted the preceding...
SUSE-SU-2023:1690-1 Security update for testng
This update for testng fixes the following issues: - CVE-2022-4065: Fixed a path traversal in zip files bsc1205628...
SUSE CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
Path Traversal
org.testng:testng is vulnerable to path traversal. A remote authenticated attacker is able to cause a malicious zip file to break out of the expected destination directory, writing contents into arbitrary locations on the file system via the testngXmlExistsInJar function of the...
CodeLineCounter:lineCounterPlugin (=1.1.4), app.getxray:xray-testng-extensions (>=0.3.0 <=0.5.0) +3530 more potentially affected by CVE-2022-4065 via org.testng:testng (>=6.13 <=7.5)
org.testng:testng MAVEN version =6.13, =0.3.0, =0.0.4, =0.3.0, =0.9.0, =0.26.0, =0.20.0, =0.9.0, =0.23.0, =0.28.0 - br.com.objectos.orm:testing =0.2.0 - br.com.objectos.oss-java11:objectos-testing =1.0.0 - br.com.objectos.oss-java16:objectos-testing =1.0.0 and more Source cves: CVE-2022-4065 Sour...
app.getxray:xray-testng-extensions (>=0.1.0 <=0.2.0-beta), com.actiontestscript:ats-automated-testing (>=2.3.6 <=2.5.8) +143 more potentially affected by CVE-2022-4065 via org.testng:testng (>=7.6.0 <=7.6.1)
org.testng:testng MAVEN version =7.6.0, =0.1.0, =2.3.6, =2.4.13, =0.33.0, =1.3, =0.0.2, =0.0.2, =0.0.2, =3.0.0, =2.7.0, =2.8.1 and more Source cves: CVE-2022-4065 Source advisory: OSV:GHSA-RC2Q-X9MF-W3VF...