GHSA-jqqh-999x-w26w

Source

https://github.com/advisories/GHSA-jqqh-999x-w26w

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json

Aliases

CVE-2009-2959
PYSEC-2009-1

Published

2022-05-02T03:40:27Z

Modified

2024-04-01T19:56:39.411660Z

Details

Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

Affected packages

PyPI / buildbot

Package

Name: buildbot

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0.7.6

Fixed

0.7.11p3

Affected versions

0.*

0.7.6

0.7.7

0.7.8

0.7.9

0.7.10

0.7.11

0.7.12

0.8.0

0.8.1

0.8.2

0.8.3

0.8.4

0.8.5

0.8.6

0.8.7

0.8.8

0.8.9

0.8.10

0.8.12

0.8.13

0.8.14

0.9.0b1

0.9.0b2

0.9.0b3

0.9.0b4

0.9.0b5

0.9.0b6

0.9.0b7

0.9.0b8

0.9.0b9

0.9.0rc1

0.9.0rc2

0.9.0rc3

0.9.0rc4

0.9.0

0.9.0.post1

0.9.1

0.9.2

0.9.3

0.9.4

0.9.5

0.9.6

0.9.7

0.9.8

0.9.9

0.9.9.post1

0.9.9.post2

0.9.10

0.9.11

0.9.12

0.9.13

0.9.14

0.9.15

0.9.15.post1

1.*

1.0.0

1.1.0

1.1.1

1.1.2

1.2.0

1.3.0

1.4.0

1.5.0

1.6.0

1.7.0

1.8.0

1.8.1

1.8.2

2.*

2.0.1

2.1.0

2.2.0

2.3.0

2.3.1

2.4.0

2.4.1

2.5.0

2.5.1

2.6.0

2.7.0

2.8.0

2.8.1

2.8.2

2.8.3

2.8.4

2.9.0

2.9.1

2.9.2

2.9.3

2.9.4

2.10.0

2.10.1

2.10.2

2.10.3

2.10.4

2.10.5

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.1.0

3.1.1

3.2.0

3.3.0

3.4.0

3.4.1

3.5.0

3.6.0

3.6.1

3.7.0

3.8.0

3.9.0

3.9.1

3.9.2

3.10.0

3.10.1

3.11.0

3.11.1