{"schema_version":"1.3.1","id":"GO-2023-2388","modified":"2024-08-21T14:30:24Z","published":"2024-08-21T14:30:24Z","aliases":["GHSA-v7hc-87jc-qrrr"],"summary":"eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations in knative.dev/eventing-github","details":"eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations in knative.dev/eventing-github","affected":[{"package":{"name":"knative.dev/eventing-github","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.39.1"}]}],"ecosystem_specific":{}}],"references":[{"type":"ADVISORY","url":"https://github.com/knative-extensions/eventing-github/security/advisories/GHSA-v7hc-87jc-qrrr"},{"type":"WEB","url":"https://github.com/knative-extensions/eventing-github/commit/ea5cb8b25fc3410dde45ce2eb95454e4cfe77c40"},{"type":"WEB","url":"https://github.com/knative-extensions/eventing-github/pull/442"},{"type":"WEB","url":"https://github.com/knative-extensions/eventing-github/pull/446"},{"type":"WEB","url":"https://github.com/knative-extensions/eventing-github/pull/447"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2023-2388","review_status":"UNREVIEWED"}}