70 matches found
app.getxray:xray-testng-extensions (>=0.1.0 <=0.2.0-beta), com.actiontestscript:ats-automated-testing (>=2.3.6 <=2.5.8) +143 more potentially affected by CVE-2022-4065 via org.testng:testng (>=7.6.0 <=7.6.1)
org.testng:testng MAVEN version =7.6.0, =0.1.0, =2.3.6, =2.4.13, =0.33.0, =1.3, =0.0.2, =0.0.2, =0.0.2, =3.0.0, =2.7.0, =2.8.1 and more Source cves: CVE-2022-4065 Source advisory: OSV:GHSA-RC2Q-X9MF-W3VF...
TestNG is vulnerable to Path Traversal
Impact Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal only for .xml, .yaml and .yml files by default. The attack implies running an...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
Path traversal
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
UBUNTU-CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065 cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
TestNG 路径遍历漏洞
TestNG is a Java language testing framework developed by Cedric Beust. A path traversal vulnerability exists in TestNG, which stems from an affected testngXmlExistsInJar function in the testng-core/src/main/java/org/testng/JarFileUtils.java file in the component XML File Parser, which could lead ...
PT-2022-7280 · Cbeust +1 · Testng +1
Name of the Vulnerable Software and Affected Versions: cbeust testng versions 7.5.0 through 7.7.0 Description: A critical issue affects the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser, leading to path traversal...
CVE-2022-4065 cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
CVE-2022-4065 affects cbeust TestNG 7.5.0/7.6.0/7.6.1/7.7.0. The vulnerability stems from path traversal in testngXmlExistsInJar (JarFileUtils.java), enabling a remote attacker to traverse directories. Remediation is to upgrade to TestNG 7.5.1 or 7.7.1 (patch 9150736cd2c123a6a3b60e6193630859f9f04...
Jenkins Plugin TestNG Results跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...
GHSA-8HV7-4VFC-W8PG Cross-site Scripting in Jenkins TestNG Results Plugin
TestNG Results Plugin has options in its post-build step configuration to not escape test descriptions and exception messages. If those options are unchecked, TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped text provided in test results. This results in a cross-site...
Cross-site Scripting in Jenkins TestNG Results Plugin
TestNG Results Plugin has options in its post-build step configuration to not escape test descriptions and exception messages. If those options are unchecked, TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped text provided in test results. This results in a cross-site...
CVE-2022-34778
Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...
CVE-2022-34778
Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...
CVE-2022-34778
Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...
Cross site scripting
Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...