Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reportportal reportportal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25822
ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches wit...
Reportportal Service-api
Reportportal Reportportal
NA
CVE-2023-30523
Jenkins Report Portal Plugin 0.5 and previous versions stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by users with Item/Extended Read permission or access to the Jenkins contro...
Jenkins Report Portal
NA
CVE-2023-30524
Jenkins Report Portal Plugin 0.5 and previous versions does not mask ReportPortal access tokens displayed on the configuration form, increasing the potential for malicious users to observe and capture them.
Jenkins Report Portal
445
VMScore
CVE-2021-29620
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity (XXE) attacks. This allows a user to import a speci...
Reportportal Service-api
445
VMScore
CVE-2020-12642
An issue exists in service-api prior to 4.3.12 and 5.x prior to 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.
Reportportal Service-api
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started