13 matches found
EUVD-2022-7421
Malicious code in bioql PyPI...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
SUSE CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
Path Traversal
org.testng:testng is vulnerable to path traversal. A remote authenticated attacker is able to cause a malicious zip file to break out of the expected destination directory, writing contents into arbitrary locations on the file system via the testngXmlExistsInJar function of the...
GHSA-RC2Q-X9MF-W3VF TestNG is vulnerable to Path Traversal
Impact: Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal only for .xml, .yaml and .yml files by default. The attack implies running an...
TestNG is vulnerable to Path Traversal
Impact: Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to path traversal only for .xml, .yaml and .yml files by default. The attack implies running an...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
Path traversal
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2022-4065
CVE-2022-4065 affects cbeust TestNG 7.5.0/7.6.0/7.6.1/7.7.0. The vulnerability stems from path traversal in testngXmlExistsInJar (JarFileUtils.java), enabling a remote attacker to traverse directories. Remediation is to upgrade to TestNG 7.5.1 or 7.7.1 (patch 9150736cd2c123a6a3b60e6193630859f9f04...
CVE-2022-4065 cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
CVE-2018-1000822
codelibs fess version before commit faa265b contains an XML External Entity (XXE) vulnerability in the GSA XML file parser that can result in disclosure of confidential data, denial of service, SSRF, port scanning. This attack appears to be exploitable via specially crafted GSA XML files. This...
CVE-2018-1000822
CVE-2018-1000822: The vulnerability affects codelibs fess version before the commit faa265b, where the GSA XML file parser is vulnerable to XML External Entity (XXE). This can lead to disclosure of confidential data, denial of service, SSRF, and port scanning when processing specially crafted GS...