Homepage
About Snyk

com.epam.reportportal:service-api@3.0.1 vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the com.epam.reportportal:service-api package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Allocation of Resources Without Limits or Throttling

com.epam.reportportal:service-api is a Report portal. Main API Service

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when the test_item.path field is exceeded the allowable ltree field type indexing limit. An attacker can cause the ReportPortal database to become unstable and reporting almost fully stops except for small launches with approximately 1 test inside by creating a Launch with too many recursively nested elements.

Note: This is only exploitable if the test_item.path field is exceeded the allowable ltree field type indexing limit.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade com.epam.reportportal:service-api to version 5.11.0 or higher.

[,5.11.0)
Go back to all versions of this package