VYPR

PyPI package

bbot

pkg:pypi/bbot

Vulnerabilities (4)

  • CVE-2025-10284CriOct 9, 2025
    affected < 2.7.0fixed 2.7.0

    BBOT's unarchive module could be abused by supplying malicious archives files and when extracted can then perform an arbitrary file write, resulting in remote code execution.

  • CVE-2025-10283CriOct 9, 2025
    affected < 2.7.0fixed 2.7.0

    BBOT's gitdumper module could be abused to execute commands through a malicious git repository.

  • CVE-2025-10282MedOct 9, 2025
    affected < 2.7.2fixed 2.7.2

    BBOT's gitlab module could be abused to disclose a GitLab API key to an attacker controlled server with a malicious formatted git URL.

  • CVE-2025-10281MedOct 9, 2025
    affected < 2.7.0fixed 2.7.0

    BBOT's git_clone module could be abused to disclose a GitHub API key to an attacker controlled server with a malicious formatted git URL.