2 matches found
CVE-2025-53624
The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...
GitHub: Authentication bypass on gist.github.com through SSH Certificates
An authentication bypass vulnerability was found in GitHub Enterprise Server that allowed unauthorized access to modify other users' secret gists through SSH certificates. The vulnerability affected all versions of GitHub Enterprise Server prior to 3.9 and was fixed in versions 3.4.18, 3.5.15,...