BIT-AIRFLOW-2026-32690 Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1

Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked. If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...

CVE-2023-2247

CVE-2023-2247 affects Octopus Deploy. The documented issue allows unmasking variable secrets via the variable preview feature in affected versions. The sources describe the behavior but do not specify exact affected versions or a confirmed patch. No exploitation details are provided in the docume...

PT-2023-18521 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows an attacker to unmask variable secrets using the variable preview function. Recommendations: At the moment, there is no information about a newer version that contai...

CVE-2023-2247

In affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable preview function...