GHSA-7pgw-q3qp-6pgq: DynamicPageList3 vulnerability exposes hidden/suppressed usernames

GHSA-qf34-qpr4-5pph: docusaurus-plugin-content-gists vulnerability exposes GitHub Personal Access Token

GHSA-q92v-3f4w-5xg8: Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users

GHSA-2g8w-9933-36vr: Jenkins Warrior Framework Plugin vulnerability exposes unencrypted passwords to certain authenticated users

GHSA-jmrv-rxgr-phvr: Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form

CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.

**CoreDNS Cache Poisoning via a birthday attack**

Low severity GitHub Reviewed Published Sep 18, 2024 to the GitHub Advisory Database • Updated Sep 18, 2024

Headline

GHSA-h92q-fgpp-qhrq: CoreDNS Cache Poisoning via a birthday attack

ghsa: Latest News