CVE-2025-53103
BaseFortify
Publication date: 2025-07-01
Last updated on: 2025-07-03
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
| EPSS metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects JUnit versions 5.12.0 through 5.13.1. The OpenTestReportGeneratingListener, which writes Open Test Reporting XML files, records metadata about the Git repository the tests ran from, including the remote URL. If that remote URL carries embedded credentials (for example https://user:token@host/org/repo.git, which some CI systems configure), the token is written into the report verbatim. Test reports are routinely archived as build artifacts or published alongside test results, so anyone who can read them obtains the token and can act with whatever permissions it grants. The issue was fixed in version 5.13.2, which strips credentials from the recorded URL.
How can this vulnerability impact me?
If a report containing the credentials is stored or published where others can read it (a public artifact bucket, a shared CI server, a report committed to a repository), a malicious actor can use the token to impersonate the user or service account it belongs to. The impact is bounded by the token's scope: at minimum it usually grants read access to the repository, and a token with write scope allows pushing code, tampering with CI configuration, or accessing other repositories the account can reach.
What immediate steps should I take to mitigate this vulnerability?
Upgrade JUnit to version 5.13.2 or later, which contains the fix for the credential leak in Open Test Reporting XML files. If you cannot upgrade immediately, either leave the listener disabled (it only runs when junit.platform.reporting.open.xml.enabled is set to true) or make sure the Git remote URL carries no credentials, for example by using a credential helper or an HTTP extra header instead of embedding the token in the URL. Treat every report produced by an affected version as potentially containing the token: search archived and published reports for URLs with embedded credentials and rotate any token you find, since the report may already have been copied.
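The check a practitioner would want after reading the description and mitigation above is a way to find out whether reports already written by an affected JUnit version contain a credential-bearing URL, and to redact them in the way the 5.13.2 fix does. The following is an added example written for this page, not JUnit's own code. The sample report is constructed, and the git element and attribute names in it are an assumption about the Open Test Reporting schema; the scanner does not rely on them, because it inspects every attribute value and text node in the file for a URL whose authority part contains userinfo.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, urlunsplit

# Constructed sample of an Open Test Reporting XML file with a leaked token.
# The namespace URIs and the git:repository/originUrl naming are assumptions
# used for illustration only; the scanner below works on any element/attribute.
SAMPLE_REPORT = """<?xml version="1.0" encoding="UTF-8"?>
<e:events xmlns:e="https://schemas.opentest4j.org/reporting/events/0.1.0"
          xmlns:git="https://schemas.opentest4j.org/reporting/git/0.1.0">
  <e:infrastructure>
    <git:repository originUrl="https://ci-bot:ghp_exampletoken123@github.com/acme/widgets.git"/>
    <git:branch>main</git:branch>
  </e:infrastructure>
  <e:started id="1" name="WidgetTest" time="2025-07-01T10:00:00Z"/>
  <e:finished id="1" time="2025-07-01T10:00:01Z"/>
</e:events>
"""

# A URL whose authority component carries userinfo: scheme://user[:secret]@host...
# Plain URLs (no '@' before the first '/') do not match, so namespace URIs and
# ordinary remote URLs are not flagged.
_URL_WITH_USERINFO = re.compile(r"\b[a-zA-Z][a-zA-Z0-9+.-]*://[^\s/@]+@[^\s\"'<>]+")


def redact_url(url: str) -> str:
    """Drop the userinfo from a URL, keeping scheme, host, port, path and query."""
    parts = urlsplit(url)
    if "@" not in parts.netloc:
        return url
    host = parts.netloc.rsplit("@", 1)[1]
    return urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))


def find_leaked_urls(xml_text: str) -> list[tuple[str, str]]:
    """Return (location, url) for each attribute or text node holding a URL with userinfo."""
    root = ET.fromstring(xml_text)
    findings = []
    for elem in root.iter():
        for attr, value in elem.attrib.items():
            for m in _URL_WITH_USERINFO.finditer(value):
                findings.append((f"{elem.tag}@{attr}", m.group(0)))
        if elem.text:
            for m in _URL_WITH_USERINFO.finditer(elem.text):
                findings.append((f"{elem.tag}#text", m.group(0)))
    return findings


def redact_report(xml_text: str) -> str:
    """Rewrite the report text with every credential-bearing URL redacted in place."""
    return _URL_WITH_USERINFO.sub(lambda m: redact_url(m.group(0)), xml_text)


if __name__ == "__main__":
    for location, url in find_leaked_urls(SAMPLE_REPORT):
        print(f"credential-bearing URL at {location}: {redact_url(url)} (userinfo removed)")
    print(redact_report(SAMPLE_REPORT))
```

Run it over every open-test-report*.xml in your build artifact store, and treat any hit as a token to rotate, not merely a file to clean: the redaction only prevents further spread. SCP-style remotes such as git@github.com:acme/widgets.git are deliberately not matched, since the git there is a username with no secret attached; a URL with only a username and no password before the @ is still reported, because a username alone is worth reviewing.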