Summary

Acunetix 360 detected a possible Travis CIĀ configuration file.

Impact

.travis.yml serves as a configuration file for the Travis CI continuous integration service. As such it might contain sensitive information about your development environment like private keys, passwords and other sensitive data.

Remediation

Please make sure that .travis.yml is not reachable for an unauthorized third party, either by removing it completely or by restricting access to the file.

Severity

Information

Classification

CWE-16 ISO27001-A.9.4.1 WASC-15 OWASP 2013-A5 OWASP 2017-A6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C