Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-12300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a toke...

9.8CVSS8.1AI score0.01825EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/06/10 12:0 a.m.20 views

Fedora 29 : buildbot (2019-2ea119f414)

Update to 1.8.2 to fix CVE-2019-12300. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

9.8CVSS8.2AI score0.01825EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/06/08 12:0 a.m.23 views

Fedora Update for buildbot FEDORA-2019-2ea119f414

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.01825EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/06/07 12:0 a.m.20 views

Fedora 30 : buildbot (2019-3270dc130b)

Update to 2.3.1 to fix CVE-2019-12300. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

9.8CVSS8.2AI score0.01825EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/06/07 12:0 a.m.15 views

Fedora Update for buildbot FEDORA-2019-3270dc130b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.01825EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/05/29 6:48 p.m.3 views

buildbot-fossil (>=0.1.0 <=0.3.0), buildbot-gitea (>=1.3.0 <=1.3.1) potentially affected by CVE-2019-12300 via buildbot (=2.10.5)

buildbot PYPI version =2.10.5 is affected by a known vulnerability. The following packages have a transitive dependency on buildbot and may be impacted: - buildbot-fossil =0.1.0, =1.3.0, =1.3.1 Source cves: CVE-2019-12300 Source advisory: OSV:GHSA-G86P-HGX5-2PFH...

9.8CVSS7.2AI score0.01825EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/05/29 6:48 p.m.5 views

buildbot-legacy-slack-adapter (>=1.0.0 <=1.0.1) potentially affected by CVE-2019-12300 via buildbot (=1.3.0)

buildbot PYPI version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on buildbot and may be impacted: - buildbot-legacy-slack-adapter =1.0.0, =1.0.1 Source cves: CVE-2019-12300 Source advisory: OSV:GHSA-G86P-HGX5-2PFH...

9.8CVSS7.2AI score0.01825EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/05/23 3:30 p.m.4 views

buildbot-legacy-slack-adapter (>=1.0.0 <=1.0.1) potentially affected by CVE-2019-12300 via buildbot (=1.3.0)

buildbot PYPI version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on buildbot and may be impacted: - buildbot-legacy-slack-adapter =1.0.0, =1.0.1 Source cves: CVE-2019-12300 Source advisory: OSV:PYSEC-2019-6...

9.8CVSS7.2AI score0.01825EPSS
Exploits0
CVE
CVE
added 2019/05/23 2:18 p.m.116 views

CVE-2019-12300

Buildbot vulnerable when running versions before 1.8.2 and 2.x before 2.3.1: it accepts a user-submitted OAuth token and uses it to authenticate the user. If an attacker obtains a token that can read a victim’s user details, they can log in as that victim. Fedora advisories indicate patch updates...

9.8CVSS9.1AI score0.01825EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/05/23 2:18 p.m.15 views

CVE-2019-12300

Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim...

9.3AI score0.01825EPSS
Exploits0References3
Rows per page
Query Builder