CVE-2023-2620

LOW Year: 2023
CVSS v3 Score
3.8
Low
Weakness Type
CWE-201
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. A maintainer could modify a webhook URL to leak masked webhook secrets by manipulating other masked portions. This addresses an incomplete fix for CVE-2023-0838.

Related Vulnerabilities

CVE-2024-46665

LOW
CVSS:3.7(Low)

An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounti...

CWE-2012024

CVE-2020-13597

LOW
CVSS:3.5(Low)

Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with suffici...

CWE-2012020

CVE-2024-32028

MEDIUM
CVSS:4.1(Medium)

OpenTelemetry dotnet is a dotnet telemetry framework. In affected versions of `OpenTelemetry.Instrumentation.Http` and `OpenTelemetry.Instrumentation.AspNetCore` the `url.full` writes attribute/tag on...

CWE-2012024

CVE-2025-48219

LOW
CVSS:3.5(Low)

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS (IP Multimedia Subsystem) call and then reading the utran-cell-id-3gpp field of a Cellular...

CWE-2012025

CVE-2020-14514

MEDIUM
CVSS:4.3(Medium)

All trailer Power Line Communications are affected. PLC bus traffic can be sniffed reliably via an active antenna up to 6 feet away. Further distances are also possible, subject to environmental condi...

CWE-2012020

CVE-2020-1770

MEDIUM
CVSS:4.3(Medium)

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior v...

CWE-2012020