Summary #

Netsparker detected a possible Travis CIĀ configuration file.

Impact #
.travis.yml serves as a configuration file for the Travis CI continuous integration service. As such it might contain sensitive information about your development environment like private keys, passwords and other sensitive data.
Remediation #

Please make sure that .travis.yml is not reachable for an unauthorized third party, either by removing it completely or by restricting access to the file.

Classifications #
CWE-16, ISO27001-A.9.4.1, WASC-15, OWASP 2013-A5, OWASP 2017-A6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO