CVE-2023-47390: Headscale writes bearer tokens to info-level logs

November 11, 2023 (updated November 14, 2023)

Headscale through 0.22.3 writes bearer tokens to info-level logs.

References

github.com/advisories/GHSA-wp76-cf2j-rqq7
github.com/juanfont/headscale/issues/1259
nvd.nist.gov/vuln/detail/CVE-2023-47390

Detect and mitigate CVE-2023-47390 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →