com.epam.reportportal:service-api

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.epam.reportportal:service-apipage 1 of 1

CVE-2020-12642HIGHCVSS 7.5EG 7.5✓ Fixed in 5.1.1
2020-05-04
vulnerable: 5.0.0, 5.1.0
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.
CVE-2021-29620HIGHCVSS 7.5EG 7.5✓ Fixed in 5.4.0
2021-06-23
vulnerable: 3.1.1 ... 5.3.5 (23 versions)
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity (XXE) atta…
CVE-2023-25822MEDIUMCVSS 6.3EG 6.3✓ Fixed in 5.10.0
2023-10-09
vulnerable: 2.6.0 ... 5.8.0 (32 versions)
ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost …

Check whether com.epam.reportportal:service-api is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.epam.reportportal:service-api CVEs against the assets you own.

Start Free Scan →