
114 matches found

Tenable Nessus
added 2019/02/11 12:0 a.m. | 80 views

Fedora 28 : buildbot (2019-7eb8c71fe8)

Update to 1.8.1 to fix CVE-2019-7313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

CVSS 6.1 | AI score 6.1 | EPSS 0.00224
Exploits 1 | References 2
Tenable Nessus
added 2019/02/11 12:0 a.m. | 29 views

Fedora 29 : buildbot (2019-7e722314f3)

Update to 1.8.1 to fix CVE-2019-7313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

CVSS 6.1 | AI score 6.1 | EPSS 0.00224
Exploits 1 | References 2
OpenVAS
added 2019/02/11 12:0 a.m. | 13 views

Fedora Update for buildbot FEDORA-2019-7eb8c71fe8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.1 | AI score 6.3 | EPSS 0.00224
Exploits 1 | References 2
Veracode
added 2019/02/04 1:37 a.m. | 16 views

CRLF Injection

buildbot is vulnerable to CRLF injection attacks. The vulnerability exists in Redirect and ResourceResource.render where a given redirect parameter can be used for CRLF injection attacks...

CVSS 6.1 | AI score 6.3 | EPSS 0.00224
Exploits 1 | References 4 | Affected Software 1
vulnersOsv
added 2019/02/03 8:29 a.m. | 0 views

buildbot-legacy-slack-adapter (>=1.0.0 <=1.0.1) potentially affected by CVE-2019-7313 via buildbot (=1.3.0)

buildbot PYPI version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on buildbot and may be impacted:
- buildbot-legacy-slack-adapter =1.0.0, =1.0.1
Source cves: CVE-2019-7313
Source advisory: OSV:PYSEC-2019-7...

CVSS 6.1 | AI score 6.3 | EPSS 0.00224
Exploits 1
OSV
added 2019/02/03 8:29 a.m. | 15 views

PYSEC-2019-7

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 3.6 | EPSS 0.00224
Exploits 1 | References 2
PyPA
added 2019/02/03 8:29 a.m. | 4 views

PYSEC-2019-7

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 7.3 | EPSS 0.00224
Exploits 1 | References 2 | Affected Software 1
UbuntuCve
added 2019/02/03 8:29 a.m. | 13 views

CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 6.3 | EPSS 0.00224
Exploits 1 | References 3
OSV
added 2019/02/03 8:29 a.m. | 21 views

CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 6.9
Exploits 0 | References 1
OSV
added 2019/02/03 8:29 a.m. | 10 views

PYSEC-2019-77

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

AI score 3.6
Exploits 0 | References 1
Prion
added 2019/02/03 8:29 a.m. | 8 views

Crlf injection

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 5.8 | AI score 6.3 | EPSS 0.00224
Exploits 1 | References 1 | Affected Software 1
NVD
added 2019/02/03 8:29 a.m. | 6 views

CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 6.4 | EPSS 0.00224
Exploits 1 | References 1
OSV
added 2019/02/03 8:29 a.m. | 0 views

UBUNTU-CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 6.4 | EPSS 0.00224
Exploits 1 | References 4
OSV
added 2019/02/03 8:29 a.m. | 2 views

DEBIAN-CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 7.3 | EPSS 0.00224
Exploits 1 | References 1
CVE
added 2019/02/03 8:0 a.m. | 55 views

CVE-2019-7313

CVE-2019-7313 – Buildbot CRLF Injection : The flaw is in www/resource.py in Buildbot before 1.8.1, allowing CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. Root cause: missing input validation in the redirection code, enabling header manipulation ...

CVSS 6.1 | AI score 6.2 | EPSS 0.00224
Exploits 1 | References 1 | Affected Software 1
Debian CVE
added 2019/02/03 8:0 a.m. | 16 views

CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

CVSS 6.1 | AI score 6.4 | EPSS 0.00224
Exploits 1
Cvelist
added 2019/02/03 8:0 a.m. | 15 views

CVE-2019-7313

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain...

AI score 6.3 | EPSS 0.00224
Exploits 1 | References 1
FreeBSD
added 2019/01/29 12:0 a.m. | 36 views

buildbot -- CRLF injection in Buildbot login and logout redirect code

A CRLF can be injected in Location header of /auth/login and /auth/logout. This is due to lack of input validation in the buildbot redirection code. It was not found a way to impact Buildbot product own security through this vulnerability, but it could be used to compromise other sites hosted on t...

CVSS 6.1 | AI score 0.4 | EPSS 0.00224
Exploits 1 | References 2
Openbugbounty
added 2017/12/17 10:22 p.m. | 11 views

buildbot.com.br XSS vulnerability

Open Bug Bounty ID: OBB-454742

Description | Value
---|---
Affected Website: | buildbot.com.br
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3
Exploits 0
Tenable Nessus
added 2009/11/03 12:0 a.m. | 16 views

BuildBot WebStatus Detection

The remote host is running BuildBot, a continuous integration tool written in Python. BuildBot comes with WebStatus, a web interface that provides the status of all builds being maintained by BuildBot. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

AI score 5.5
Exploits 0 | References 1