GHSA-mj3x-wprp-mvj9
Suggest an improvement- Source
- https://github.com/advisories/GHSA-mj3x-wprp-mvj9
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mj3x-wprp-mvj9/GHSA-mj3x-wprp-mvj9.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-mj3x-wprp-mvj9
- Aliases
- Published
- 2022-05-02T03:40:28Z
- Modified
- 2024-09-13T18:39:47.218602Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N CVSS Calculator
- Summary
- Buildbot vulnerable to cross-site scripting
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.
- Database specific
{ "nvd_published_at": "2009-08-26T14:24:00Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-04-01T19:28:56Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2009-2967
- https://github.com/buildbot/buildbot/commit/78f7942b5056ab75c27f491b6fd6f266699c15e3
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52896
- https://github.com/buildbot/buildbot
- https://github.com/pypa/advisory-database/tree/main/vulns/buildbot/PYSEC-2009-2.yaml
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00978.html
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00985.html
- http://buildbot.net/trac#SecurityAlert
- http://secunia.com/advisories/36352
- http://secunia.com/advisories/36418
- http://sourceforge.net/mailarchive/message.php?msg_name=42338fbf0908130837o86b77d6y725233076286226f%40mail.gmail.com
- http://www.securityfocus.com/bid/36100
- http://www.vupen.com/english/advisories/2009/2352
Affected packages
PyPI / buildbot
Package
- Name
- buildbot
- View open source insights on deps.dev
- Purl
- pkg:pypi/buildbot
Affected versions
0.*
0.7.6
0.7.7
0.7.8
0.7.9
0.7.10
0.7.11
0.7.12
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
0.8.8
0.8.9
0.8.10
0.8.12
0.8.13
0.8.14
0.9.0b1
0.9.0b2
0.9.0b3
0.9.0b4
0.9.0b5
0.9.0b6
0.9.0b7
0.9.0b8
0.9.0b9
0.9.0rc1
0.9.0rc2
0.9.0rc3
0.9.0rc4
0.9.0
0.9.0.post1
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
0.9.6
0.9.7
0.9.8
0.9.9
0.9.9.post1
0.9.9.post2
0.9.10
0.9.11
0.9.12
0.9.13
0.9.14
0.9.15
0.9.15.post1
1.*
1.0.0
1.1.0
1.1.1
1.1.2
1.2.0
1.3.0
1.4.0
1.5.0
1.6.0
1.7.0
1.8.0
1.8.1
1.8.2
2.*
2.0.1
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
2.4.1
2.5.0
2.5.1
2.6.0
2.7.0
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.10.0
2.10.1
2.10.2
2.10.3
2.10.4
2.10.5
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
3.2.0
3.3.0
3.4.0
3.4.1
3.5.0
3.6.0
3.6.1
3.7.0
3.8.0
3.9.0
3.9.1
3.9.2
3.10.0
3.10.1
3.11.0
3.11.1
3.11.2
3.11.3
3.11.5
3.11.6
3.11.7
4.*
4.0.0
4.0.1
4.0.2