Lucene search
K

70 matches found

vulnersOsv
vulnersOsv
added 2022/11/19 9:30 p.m.8 views

app.getxray:xray-testng-extensions (>=0.1.0 <=0.2.0-beta), com.actiontestscript:ats-automated-testing (>=2.3.6 <=2.5.8) +143 more potentially affected by CVE-2022-4065 via org.testng:testng (>=7.6.0 <=7.6.1)

org.testng:testng MAVEN version =7.6.0, =0.1.0, =2.3.6, =2.4.13, =0.33.0, =1.3, =0.0.2, =0.0.2, =0.0.2, =3.0.0, =2.7.0, =2.8.1 and more Source cves: CVE-2022-4065 Source advisory: OSV:GHSA-RC2Q-X9MF-W3VF...

7.8CVSS6.3AI score0.00876EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/11/19 9:30 p.m.35 views

TestNG is vulnerable to Path Traversal

Impact Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal only for .xml, .yaml and .yml files by default. The attack implies running an...

7.8CVSS7.4AI score0.00876EPSS
Exploits1References11Affected Software1
NVD
NVD
added 2022/11/19 7:15 p.m.10 views

CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

7.8CVSS0.00876EPSS
Exploits1References5
Prion
Prion
added 2022/11/19 7:15 p.m.15 views

Path traversal

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

4.4CVSS7.7AI score0.00876EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2022/11/19 7:15 p.m.5 views

CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

7.8CVSS5.4AI score0.00876EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCve
added 2022/11/19 7:15 p.m.23 views

CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

7.8CVSS6AI score0.00876EPSS
Exploits1References3
OSV
OSV
added 2022/11/19 7:15 p.m.5 views

UBUNTU-CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

7.8CVSS5.8AI score0.00876EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/11/19 12:0 a.m.36 views

CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

7.8CVSS5.9AI score0.00876EPSS
Exploits1
OSV
OSV
added 2022/11/19 12:0 a.m.24 views

CVE-2022-4065 cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

5.5CVSS5.9AI score0.00876EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/11/19 12:0 a.m.36 views

TestNG 路径遍历漏洞

TestNG is a Java language testing framework developed by Cedric Beust. A path traversal vulnerability exists in TestNG, which stems from an affected testngXmlExistsInJar function in the testng-core/src/main/java/org/testng/JarFileUtils.java file in the component XML File Parser, which could lead ...

7.8CVSS6.1AI score0.00876EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/11/19 12:0 a.m.3 views

PT-2022-7280 · Cbeust +1 · Testng +1

Name of the Vulnerable Software and Affected Versions: cbeust testng versions 7.5.0 through 7.7.0 Description: A critical issue affects the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser, leading to path traversal...

7.8CVSS6.8AI score0.00876EPSS
Exploits1References37
Cvelist
Cvelist
added 2022/11/19 12:0 a.m.36 views

CVE-2022-4065 cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

6.5CVSS8AI score0.00876EPSS
Exploits1References5
CVE
CVE
added 2022/11/19 12:0 a.m.126 views

CVE-2022-4065

CVE-2022-4065 affects cbeust TestNG 7.5.0/7.6.0/7.6.1/7.7.0. The vulnerability stems from path traversal in testngXmlExistsInJar (JarFileUtils.java), enabling a remote attacker to traverse directories. Remediation is to upgrade to TestNG 7.5.1 or 7.7.1 (patch 9150736cd2c123a6a3b60e6193630859f9f04...

7.8CVSS6.4AI score0.00876EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2022/07/04 12:0 a.m.26 views

Jenkins Plugin TestNG Results跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exis...

3.5CVSS0.5AI score0.00567EPSS
Exploits0
OSV
OSV
added 2022/07/01 12:1 a.m.23 views

GHSA-8HV7-4VFC-W8PG Cross-site Scripting in Jenkins TestNG Results Plugin

TestNG Results Plugin has options in its post-build step configuration to not escape test descriptions and exception messages. If those options are unchecked, TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped text provided in test results. This results in a cross-site...

8CVSS5.4AI score0.00567EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/07/01 12:1 a.m.29 views

Cross-site Scripting in Jenkins TestNG Results Plugin

TestNG Results Plugin has options in its post-build step configuration to not escape test descriptions and exception messages. If those options are unchecked, TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped text provided in test results. This results in a cross-site...

5.4CVSS5AI score0.00567EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/06/30 6:15 p.m.20 views

CVE-2022-34778

Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...

5.4CVSS0.00567EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.4 views

CVE-2022-34778

Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...

5.4CVSS5.7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.4 views

CVE-2022-34778

Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...

5.4CVSS5.8AI score0.00567EPSS
Exploits0References2
Prion
Prion
added 2022/06/30 6:15 p.m.15 views

Cross site scripting

Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders the unescaped test descriptions and exception messages provided in test results if certain job-level options are set, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs or contro...

3.5CVSS5.2AI score0.00567EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder