First published: Thu Oct 27 2022(Updated: )
In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging.
Credit: security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Server | <2022.1.3264 | |
Octopus Octopus Server | >=2022.2.0<2022.2.8351 | |
Octopus Octopus Server | >=2022.3.0<2022.3.10586 | |
Octopus Octopus Server | >=2022.4.0<2022.4.2898 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.