Search for packages
| purl | pkg:deb/debian/buildbot@0.7.12-2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4exh-n9pd-f7dp
Aliases: CVE-2019-12300 GHSA-g86p-hgx5-2pfh PYSEC-2019-6 |
Improper Authentication in Buildbot |
Affected by 0 other vulnerabilities. |
|
VCID-qt6j-ya86-wbc2
Aliases: CVE-2019-7313 GHSA-66x7-2r56-fj77 PYSEC-2019-7 |
www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-66r4-8b5z-4kgu | Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959. |
CVE-2009-2967
GHSA-mj3x-wprp-mvj9 PYSEC-2009-2 |
| VCID-m4gd-9hc3-1ubm | Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
CVE-2009-2959
GHSA-jqqh-999x-w26w PYSEC-2009-1 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-13T12:36:24.994847+00:00 | Debian Oval Importer | Fixing | VCID-66r4-8b5z-4kgu | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-13T10:06:09.353371+00:00 | Debian Oval Importer | Fixing | VCID-m4gd-9hc3-1ubm | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-13T05:23:51.078864+00:00 | Debian Oval Importer | Affected by | VCID-4exh-n9pd-f7dp | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-13T05:11:38.567117+00:00 | Debian Oval Importer | Affected by | VCID-qt6j-ya86-wbc2 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |