GHSA-rvpw-p7vw-wj3m: OpenNext for Cloudflare (opennextjs-cloudflare) has a SSRF vulnerability via /_next/image endpoint

GHSA-8cqv-pj7f-pwpc: Teleport allows remote authentication bypass

GHSA-5qpg-rh4j-qp35: pycares has a Use-After-Free Vulnerability

GHSA-8qvm-5x2c-j2w7: protobuf-python has a potential Denial of Service issue

GHSA-g8qw-mgjx-rwjr: New authd users logging in via SSH are members of the root group

CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.

**CoreDNS Cache Poisoning via a birthday attack**

Low severity GitHub Reviewed Published Sep 18, 2024 to the GitHub Advisory Database • Updated Sep 18, 2024

Headline

GHSA-h92q-fgpp-qhrq: CoreDNS Cache Poisoning via a birthday attack

ghsa: Latest News