DOPPLER-PSA-2021-001: Doppler Product Security Advisory

Doppler has found and resolved an issue that allowed users on a workplace to exceed their privileges against some endpoints. Customers are not required to take any action in response to this issue and this issue was not exploited.

DOPPLER-PSA-2022-001: Doppler Product Security Advisory

Doppler has found and resolved an issue where FullStory recordings made on the Doppler Dashboard's Secret and Config Compare pages were not correctly masking secrets. Customers are not required to take any action in response to this issue.

DOPPLER-PSA-2022-002: Kubernetes Operator Security Advisory

Doppler has resolved a low severity vulnerability in the Doppler Kubernetes Operator which allowed users to access Kubernetes namespaces that they were not otherwise authorized for. Customers are advised to update to Kubernetes Operator v1.2.0.

DOPPLER-PSA-2023-001: Doppler Product Security Advisory

Doppler has found and resolved an issue that allowed users on a workplace to exceed their privileges under certain Group configurations. Customers are not required to take any action in response to this issue.

DOPPLER-PSA-2023-002: Doppler Product Security Advisory

Doppler has found and resolved an issue that allowed users in a workplace to exceed their privileges under certain Group configurations. Customers are not required to take any action in response to this issue.

DOPPLER-PSA-2023-003: Doppler Product Security Advisory

Doppler has found and resolved an issue that allowed users in a workplace with the built-in “Admin” role to exceed their privileges using custom roles. Customers are not required to take any action in response to this issue.

DOPPLER-PSA-2024-001: Doppler Product Security Advisory

Doppler has found and resolved an issue where sensitive customer data, including secrets, may have been sent to BugSnag under rare error conditions. Customers are not required to take any action in response to this issue.