bbot 2.6.0.6856rc0

Direct Vulnerabilities

Known vulnerabilities in the bbot package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Information Exposure bbot is an OSINT automation for hackers. Affected versions of this package are vulnerable to Information Exposure via the `gitlab` process. An attacker can obtain sensitive API key information by tricking the system into connecting to a maliciously crafted git URL. How to fix Information Exposure? Upgrade `bbot` to version 2.7.0 or higher.	[,2.7.0)
M Information Exposure bbot is an OSINT automation for hackers. Affected versions of this package are vulnerable to Information Exposure via `git_clone`. An attacker can obtain sensitive information by tricking a user into cloning a repository using a specially crafted URL that causes the API key to be sent to an attacker-controlled server. How to fix Information Exposure? Upgrade `bbot` to version 2.7.0 or higher.	[,2.7.0)
H Directory Traversal bbot is an OSINT automation for hackers. Affected versions of this package are vulnerable to Directory Traversal via `gitdumper`. An attacker can execute arbitrary commands by crafting a malicious git repository. How to fix Directory Traversal? Upgrade `bbot` to version 2.7.0 or higher.	[,2.7.0)
H Directory Traversal bbot is an OSINT automation for hackers. Affected versions of this package are vulnerable to Directory Traversal via `unarchive.py`. An attacker can execute arbitrary code by supplying a specially crafted archive file that, when extracted, writes files to arbitrary locations on the file system. How to fix Directory Traversal? Upgrade `bbot` to version 2.7.0 or higher.	[,2.7.0)

Vulnerability

Vulnerable Version

Information Exposure

bbot is an OSINT automation for hackers.

Affected versions of this package are vulnerable to Information Exposure via the gitlab process. An attacker can obtain sensitive API key information by tricking the system into connecting to a maliciously crafted git URL.

How to fix Information Exposure?

Upgrade bbot to version 2.7.0 or higher.

[,2.7.0)

Information Exposure

bbot is an OSINT automation for hackers.

Affected versions of this package are vulnerable to Information Exposure via git_clone. An attacker can obtain sensitive information by tricking a user into cloning a repository using a specially crafted URL that causes the API key to be sent to an attacker-controlled server.

How to fix Information Exposure?

Upgrade bbot to version 2.7.0 or higher.

[,2.7.0)

Directory Traversal

bbot is an OSINT automation for hackers.

Affected versions of this package are vulnerable to Directory Traversal via gitdumper. An attacker can execute arbitrary commands by crafting a malicious git repository.

How to fix Directory Traversal?

Upgrade bbot to version 2.7.0 or higher.

[,2.7.0)

Directory Traversal

bbot is an OSINT automation for hackers.

Affected versions of this package are vulnerable to Directory Traversal via unarchive.py. An attacker can execute arbitrary code by supplying a specially crafted archive file that, when extracted, writes files to arbitrary locations on the file system.

How to fix Directory Traversal?

Upgrade bbot to version 2.7.0 or higher.

[,2.7.0)

bbot@2.6.0.6856rc0

OSINT automation for hackers.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically