First published: Fri Aug 19 2022(Updated: )
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template.
Credit: security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Server | >=0.9<=0.9.620.4 | |
Octopus Octopus Server | >=1.0<=1.6.3.1723 | |
Octopus Octopus Server | >=2.0<=2.6.5 | |
Octopus Octopus Server | >=3.0.0<=3.17.14 | |
Octopus Octopus Server | >=4.0.4<=4.1.10 | |
Octopus Octopus Server | >=2018.1.0<=2018.12.1 | |
Octopus Octopus Server | >=2019.1.0<=2019.13.7 | |
Octopus Octopus Server | >=2020.1.0<=2020.6.5449 | |
Octopus Octopus Server | >=2021.1.6959<=2021.3.13021 | |
Octopus Octopus Server | >=2022.1.0<2022.1.2894 | |
Octopus Octopus Server | >=2022.2.6729<2022.2.6872 | |
Octopus Octopus Server | >=2022.3.348<2022.3.4953 | |
Linux Linux kernel | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.