First published: Fri Jun 19 2020(Updated: )
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger a deployment that leaks the Helm Chart repository password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Deploy | >=2018.8.0<2019.12.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-14470 is a vulnerability in Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2 that allows an authenticated user to trigger a deployment leaking the Helm Chart repository password.
CVE-2020-14470 has a severity level of 6.5 (medium).
To fix CVE-2020-14470, ensure you have upgraded Octopus Deploy to version 2019.12.2 or later.