First published: Thu Nov 28 2019(Updated: )
In Octopus Deploy before 2019.10.6, an authenticated user with TeamEdit permission could send a malformed Team API request that bypasses input validation and causes an application level denial of service condition. (The fix for this was also backported to LTS 2019.9.8 and LTS 2019.6.14.)
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Deploy | <2019.10.7 | |
Octopus Octopus Deploy | >=2019.6.0<2019.6.14 | |
Octopus Octopus Deploy | >=2019.9.0<2019.9.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.