Filter
AND

Software

octopus octopus server
14
octopus octopus deploy
12
octopus server
3
octopus tentacle
2

Octopus Octopus ServerIn affected versions of Octopus Server it is possible for the OpenID client secret to be logged in c…

high
7.5
First published (updated )
CVE-2023-1904

Octopus Octopus ServerCommand Injection

high
8.8
First published (updated )
CVE-2022-4009

Octopus Octopus ServerMalicious File Upload

high
7.5
First published (updated )
CVE-2022-2883

Octopus Octopus ServerIn affected versions of Octopus Deploy it is possible for certain types of sensitive variables to in…

high
7.5
First published (updated )
CVE-2022-3460

Octopus Octopus ServerIn affected versions of Octopus Server it is possible for target discovery to print certain values m…

high
7.5
First published (updated )
CVE-2022-2721

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus ServerIn affected versions of Octopus Server it is possible to use the Git Connectivity test function on t…

high
8.1
First published (updated )
CVE-2022-2780

Octopus Octopus ServerIn affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting…

high
7.5
First published (updated )
CVE-2022-2075

Octopus Octopus ServerIn affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the…

high
7.5
First published (updated )
CVE-2022-2074

Octopus Octopus ServerIn affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the p…

high
7.5
First published (updated )
CVE-2022-2049

Octopus Octopus DeployIn Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled vi…

high
7.5
First published (updated )
CVE-2022-2013

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus ServerWhen generating a user invitation code in Octopus Server, the validity of this code can be set for a…

high
7.5
First published (updated )
CVE-2022-1670

Octopus TentacleWhen Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions…

high
7.8
First published (updated )
CVE-2021-31822

Octopus TentacleWhen Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly…

high
7.8
First published (updated )
CVE-2021-26557

Octopus Octopus DeployWhen Octopus Server is installed using a custom folder location, folder ACLs are not set correctly a…

high
7.8
First published (updated )
CVE-2021-26556

Octopus Octopus ServerIn Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with …

high
7.5
First published (updated )
CVE-2021-31820

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus ServerWhen configuring Octopus Server if it is configured with an external SQL database, on initial config…

high
7.5
First published (updated )
CVE-2021-31817

Octopus ServerWhen configuring Octopus Server if it is configured with an external SQL database, on initial config…

high
7.5
First published (updated )
CVE-2021-31816

Octopus ServerCleartext storage of sensitive information in multiple versions of Octopus Server where in certain s…

high
7.5
First published (updated )
CVE-2021-30183

Octopus Octopus DeployAn issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may a…

high
7.5
First published (updated )
CVE-2020-27155

Octopus Octopus DeployIn Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in…

high
7.5
First published (updated )
CVE-2020-25825

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus DeployIn Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user cr…

high
7.5
First published (updated )
CVE-2020-24566

Octopus Octopus DeployIn Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to thei…

high
8.8
First published (updated )
CVE-2020-10678

Octopus Octopus DeployIn Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user wit…

high
8.1
First published (updated )
CVE-2019-11632

Octopus Octopus ServerInfoleak

high
7.5
First published (updated )
CVE-2018-12089

Octopus Octopus DeployIn Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against th…

high
7.5
First published (updated )
CVE-2018-10550

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus DeployAn issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can m…

high
8.8
First published (updated )
CVE-2018-5706

Octopus Octopus DeployIn Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit p…

high
8.8
First published (updated )
CVE-2018-4862

Octopus Octopus DeployCVE-2017-17665

First published (updated )
CVE-2017-17665

Octopus Octopus DeployOctopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variab…

high
7.5
First published (updated )
CVE-2017-15609

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203