First published: Fri Sep 09 2022(Updated: )
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages.
Credit: security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Server | >=3.0.0<=4.1.10 | |
Octopus Octopus Server | >=2018.1.0<=2021.3.13021 | |
Octopus Octopus Server | >=2022.1.0<2022.1.3106 | |
Octopus Octopus Server | >=2022.2.6729<2022.2.7718 | |
Octopus Octopus Server | >=2022.3.348<2022.3.7782 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.