buildbot@0.7.7 vulnerabilities
The Continuous Integration Framework
-
latest version
3.11.3
-
latest non vulnerable version
-
first published
17 years ago
-
latest version published
2 hours ago
-
licenses detected
- [0.7.3,2.4.0)
Direct Vulnerabilities
Known vulnerabilities in the buildbot package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
buildbot is a continuous integration framework for automating software build, test, and release processes. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the waterfall web status view, which allows attackers to inject arbitrary web script or HTML. How to fix Cross-site Scripting (XSS)? Upgrade |
[,0.7.11p3)
|
buildbot is a continuous integration framework for automating software build, test, and release processes. Affected versions of this package are vulnerable to CRLF injection in the Location header of How to fix CRLF injection? Upgrade |
[,1.8.1)
|
buildbot is an open-source continuous integration framework for automating software build, test, and release processes. Affected versions of this package are vulnerable to Timing Attack. It implemented a character to character comparison How to fix Timing Attack? Upgrade |
[,1.3.0)
|
buildbot is an open-source continuous integration framework for automating software build, test, and release processes. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. A malicious user could inject arbitrary web script or HTML via unspecified vectors. How to fix Cross-site Scripting (XSS)? Upgrade |
[0.7.6,0.7.11p3)
|