VYPR

Go modules package

github.com/ossf/allstar

pkg:golang/github.com/ossf/allstar

Vulnerabilities (1)

  • CVE-2025-61926MedOct 9, 2025
    affected < 0.0.0-20250721181116-e004ecb540d6fixed 0.0.0-20250721181116-e004ecb540d6

    Allstar is a GitHub App to set and enforce security policies. In versions prior to 4.5, a vulnerability in Allstar’s Reviewbot component caused inbound webhook requests to be validated against a hard-coded, shared secret. The value used for the secret token was compiled into the