Black Lantern Security Bbot vulnerabilities
5 known vulnerabilities affecting black_lantern_security/bbot.
Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 1, LOW 2
Vulnerabilities
CVE-2025-10284 | P2 | CRITICAL | CVSS 9.6 | Affected versions: ≥ 2.3.1, ≤ 2.8.4 | 2025-10-09
CVE-2025-10284 [CRITICAL] CWE-22
BBOT's unarchive module could be abused by supplying malicious archive files which, when extracted, can perform an arbitrary file write, resulting in remote code execution.
Sources: nvd
CVE-2026-12568 | P3 | MEDIUM | CVSS 6.5 | Affected versions: ≥ 2.1.0, ≤ 2.8.5 | 2026-06-17
CVE-2026-12568 [MEDIUM] CWE-22
The postman_download module uses the workspace name field from the Postman API to construct the local directory path without sanitization. If a malicious workspace has a name containing path traversal characters, pathlib resolves the path outside the intended output directory, allowing an attacker to write arbitrary files to the user's system.
Sources: cvelistv5, ghsa, nvd
CVE-2026-12565 | P4 | CRITICAL | CVSS 9.6 | Affected versions: ≥ 2.3.1, ≤ 2.8.4 | 2026-06-17
CVE-2026-12565 [CRITICAL] CWE-22 Path Traversal (Zip-Slip) in unarchive module
The unarchive internal module's archive extraction commands perform no code-level validation on extracted file paths, relying entirely on the behavior of external tools (e.g. GNU tar) which varies by platform. While CVE-2025-10284 addressed git-specific RCE vectors, the underlying archive extraction path traversal was never fixed. On systems with GNU tar < 1.34 (Ubuntu 20
Sources: cvelistv5, ghsa
CVE-2026-12566 | P4 | LOW | CVSS 3.1 | Affected versions: ≥ 2.0.0, ≤ 2.8.4 | 2026-06-17
CVE-2026-12566 [LOW] CWE-918
The docker_pull module uses the realm parameter from a Docker registry's WWW-Authenticate response header as the authentication endpoint without validation. An attacker in a man-in-the-middle position between bbot and a Docker registry could modify this header to redirect the authentication request to an arbitrary endpoint, potentially leaking authenti
Sources: cvelistv5, ghsa, nvd
CVE-2026-12567 | P4 | LOW | CVSS 2.2 | Affected versions: ≥ 2.0.0, ≤ 2.8.4 | 2026-06-17
CVE-2026-12567 [LOW] CWE-59
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location.
Sources: cvelistv5, ghsa, nvd