Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006777 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at th...

CVE-2022-1901

In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview...

DEBIAN-CVE-2024-36950

In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until busresetwork has serviced and cleared the...

CVE-2023-40712

Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI. Users are strongly...

CVE-2023-40712 Apache Airflow: Secrets can be unmasked in the "Rendered Template"

Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI. Users are strongly...

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability may allow an authenticated user to unmask the Discord Webhook URL through viewing the raw API response...

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability within the project maintainer component allows it to unmask webhook secret tokens by viewing the logs after testing webhooks...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

Code injection

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

PT-2023-18521 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows an attacker to unmask variable secrets using the variable preview function. Recommendations: At the moment, there is no information about a newer version that contai...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

Code injection

An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord Webhook URL through viewing the raw API respons...

CVE-2022-4462

Removed by vendor...

PT-2023-14519 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 12.8 through 15.7.8 GitLab versions 15.8 through 15.8.4 GitLab versions 15.9 through 15.9.2 Description: The issue could allow a user to unmask the Discord Webhook URL through viewing the raw API response. Recommendations: For...

SUSE CVE-2019-18422

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled...

CVE-2022-3902

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...

CVE-2022-3902

The CVE-2022-3902 issue affects GitLab: versions 9.3–15.4.5, 15.5–15.5.4, and 15.6–15.6.0 are vulnerable to unmasking webhook secret tokens by reviewing logs after testing webhooks. Root cause details are not expanded beyond the description provided, but the vulnerability allows a project maintai...

CVE-2022-3460

In affected versions of Octopus Deploy it is possible for certain types of sensitive variables to inadvertently become unmasked when viewed in variable preview...

CVE-2022-1901

In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview...

CVE-2022-1901

In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview...