GHSA-PWFR-8PQ7-X9QV Unauthenticated Denial of Service in the octokit/webhooks library

Impact Versions v9.26.0, v10.9.x, v11.1.x, v12.0.x all contained the code that would throw the error. Specifically, during a pentest we encountered a bug in the octokit/webhooks library a dependency of Probot, a framework for building Github Apps. The resulting request was found to cause an...

Design/Logic Flaw

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...