Filter

Octopus Octopus DeployIn affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable …

First published (updated )

Octopus Octopus DeployIn Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled vi…

7.5
First published (updated )

Octopus Octopus DeployIn affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localh…

First published (updated )

Octopus Octopus DeployWhen Octopus Server is installed using a custom folder location, folder ACLs are not set correctly a…

7.8
First published (updated )

Octopus Octopus DeployIn Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modif…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Octopus Octopus DeployAn issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may a…

7.5
First published (updated )

Octopus Octopus DeployIn Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in…

7.5
First published (updated )

Octopus Octopus DeployIn Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user cr…

7.5
First published (updated )

Octopus Octopus DeployIn Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger…

First published (updated )

Octopus Octopus DeployIn Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, the TaskView permission is not scoped …

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Octopus Octopus DeployIn Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to thei…

8.8
First published (updated )

Octopus Octopus DeployInput Validation, Null Pointer Dereference

First published (updated )

Octopus Octopus DeployCSRF

First published (updated )

Octopus Octopus DeployMalicious File Upload

First published (updated )

Octopus Octopus DeployIn Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authen…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Octopus Octopus DeployIn Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authentica…

First published (updated )

Octopus Octopus DeployIn Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user wit…

8.1
First published (updated )

Octopus Octopus DeployAn Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (an…

First published (updated )

Octopus Octopus DeployIn Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions ma…

First published (updated )

Octopus Octopus DeployInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Octopus Octopus DeployIn Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against th…

7.5
First published (updated )

Octopus Octopus DeployIn Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissio…

First published (updated )

Octopus Octopus DeployAn issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can m…

8.8
First published (updated )

Octopus Octopus DeployIn Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit p…

8.8
First published (updated )

Octopus Octopus DeployCVE-2017-17665

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Octopus Octopus DeployXSS

First published (updated )

Octopus Octopus DeployXSS

First published (updated )

Octopus Octopus DeployOctopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variab…

7.5
First published (updated )

Octopus Octopus DeployIn Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to invite …

First published (updated )

Octopus Octopus DeployInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203