Overview

File _patchinfo of Package patchinfo.42477

<patchinfo incident="42477">
  <issue tracker="bnc" id="1257293">VUL-0: CVE-2026-24400: assertj-core: Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity (XXE) vulnerability exists in `org.assertj.core.util.xml.XmlStringPrettyFormatter`</issue>
  <issue tracker="cve" id="2026-24400"/>
  <packager>fstrba</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for assertj-core</summary>
  <description>This update for assertj-core fixes the following issues:

Upgrade to version 3.27.7:

- CVE-2026-24400: Fix XXE vulnerability in isXmlEqualTo assertion (bsc#1257293).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places