VulnerableCode Package Details - pkg:deb/debian/buildbot@0.7.4-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/buildbot@0.7.4-3

Essentials
History (4)

purl	pkg:deb/debian/buildbot@0.7.4-3

Next non-vulnerable version	2.0.1-2
Latest non-vulnerable version	2.0.1-2
Risk	4.5

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-4exh-n9pd-f7dp Aliases: CVE-2019-12300 GHSA-g86p-hgx5-2pfh PYSEC-2019-6	Improper Authentication in Buildbot	2.0.1-2 Affected by 0 other vulnerabilities.
VCID-66r4-8b5z-4kgu Aliases: CVE-2009-2967 GHSA-mj3x-wprp-mvj9 PYSEC-2009-2	Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.	0.7.12-2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-m4gd-9hc3-1ubm Aliases: CVE-2009-2959 GHSA-jqqh-999x-w26w PYSEC-2009-1	Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	0.7.12-2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qt6j-ya86-wbc2 Aliases: CVE-2019-7313 GHSA-66x7-2r56-fj77 PYSEC-2019-7	www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.	2.0.1-2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T12:36:24.986578+00:00	Debian Oval Importer	Affected by	VCID-66r4-8b5z-4kgu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T10:06:09.345115+00:00	Debian Oval Importer	Affected by	VCID-m4gd-9hc3-1ubm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T05:23:51.070382+00:00	Debian Oval Importer	Affected by	VCID-4exh-n9pd-f7dp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T05:11:38.556398+00:00	Debian Oval Importer	Affected by	VCID-qt6j-ya86-wbc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0