Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes secret data to have unexpected sharing that is not specified by the customer-controlled .travis.yml file. In particular, the desired behavior (if .travis.yml has been created locally by a customer, and added to git) is for a Travis service to perform builds in a way that prevents public access to customer-specific secret environment data such as signing keys, access credentials, and API tokens. However, during the stated 8-day interval, secret data could be revealed to an unauthorized actor who forked a public repository and printed files during a build process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Travis CI 安全漏洞
Vulnerability Description
Travis Ci是德国Travis Ci开源的一个在线的,分布式的持续集成服务。用于构建及测试在GitHub托管的代码。 Travis CI存在安全漏洞,该漏洞会导致秘密数据意外共享。
CVSS Information
N/A
Vulnerability Type
N/A