Maven package
com.epam.reportportal/service-api
pkg:maven/com.epam.reportportal/service-api
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25822 | — | < 5.10.0 | 5.10.0 | Oct 9, 2023 | ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches wit | ||
| CVE-2021-29620 | — | >= 3.1.0, < 5.4.0 | 5.4.0 | Jun 23, 2021 | Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a speci | ||
| CVE-2020-12642 | — | >= 3.1.0, < 4.3.12 | 4.3.12 | May 4, 2020 | An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import. |
- CVE-2023-25822Oct 9, 2023affected < 5.10.0fixed 5.10.0
ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches wit
- CVE-2021-29620Jun 23, 2021affected >= 3.1.0, < 5.4.0fixed 5.4.0
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a speci
- CVE-2020-12642May 4, 2020affected >= 3.1.0, < 4.3.12fixed 4.3.12
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.