Filter
Octopus DeployIn affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which resul…
5.5
First published (updated )
Octopus DeployIn affected versions of Octopus Deploy it is possible to discover network details via error message
5.3
First published (updated )
Octopus DeployIn affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable …
5.3
First published (updated )
Octopus DeployAn Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (an…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Octopus DeployIn affected versions of Octopus Deploy it is possible for a low privileged guest user to interact wi…
5.5
First published (updated )
Octopus DeployIn affected versions of Octopus Server it is possible for the OpenID client secret to be logged in c…
7.5
First published (updated )
Octopus DeployIn Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do n…
9.8
First published (updated )
Octopus DeployIn Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions ma…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Octopus DeployIn Octopus Deploy 2018.8.0 through 2018.9.x before 2018.9.1, an authenticated user with permission t…
First published (updated )
Octopus DeployIn Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against th…
7.5
First published (updated )
Octopus DeployIn Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissio…
6.5
First published (updated )
Octopus DeployAn issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can m…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Octopus DeployIn Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit p…
8.8
First published (updated )
Octopus DeployInput Validation, Null Pointer Dereference
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Octopus DeployIn Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with Va…
4.3
First published (updated )
Octopus DeployIn Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticate…
6.5
First published (updated )
Octopus DeployIn Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenti…
6.5
First published (updated )
Octopus DeployIn Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authen…
4.9
First published (updated )
Octopus DeployIn Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authentica…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Octopus DeployIn Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user wit…
8.1
First published (updated )
Octopus DeployAn issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may a…
7.5
First published (updated )
Octopus DeployIn Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modif…
6.1
First published (updated )
Octopus DeployIn Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in…
7.5
First published (updated )
Octopus DeployIn Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user cr…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.