Approved changes feed: RSS · Atom
cpe:2.3:a:octokit:octokit:*:*:*:*:*:node.js:*:*
part: a version: * update: *
| Vendor | Octokit (3a03ff1a-b812-5814-9e78-bc649ef0d1c5) |
|---|---|
| Product | Octokit (21868e1d-d79f-565b-b4a0-97bc924b1d64) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | node.js |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-50728 |
vulnerable | 2026-06-08 06:16:16.357397 |
Unauthenticated Denial of Service in the octokit/webhooks library
MEDIUM (5.4)
octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request was found to cause an uncaught exception that ends the nodejs process. The bug is fixed in octokit/webhooks.js 9.26.3, 10.9.2, 11.1.2, and 12.0.4, app.js 14.02, octokit.js 3.1.2, and Protobot 12.3.3.
Published: 2023-12-15T21:59:00.312Z
Updated: 2024-08-02T22:16:47.284Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.