6 matches found
CVE-2025-10282
BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL...
BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver
Summary Due to unsafe URL handling, bbot's gitclone.py can be made to leak a user's github.com API key to an attacker-controlled webserver. Impact A user who has placed their github.com API key in the configuration for any of the following modules: githubcodesearch githubworkflows gitlab gitclone...
CVE-2025-10282
BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL...
CVE-2025-10282 GitLab Domain Confusion in gitlab Leaks API Key
BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL...
CVE-2025-10282 GitLab Domain Confusion in gitlab Leaks API Key
BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL...
PT-2025-41395
Name of the Vulnerable Software and Affected Versions BBOT affected versions not specified Description The gitlab module in BBOT may allow an attacker to disclose a GitLab API key to a server under their control by using a maliciously formatted git URL. This could potentially lead to unauthorized...