Filter

Software

octopus octopus server
45
octopus octopus deploy
31
octopus server
9
octopus tentacle
4
octopus halibut
1

Octopus Octopus DeployIn affected versions of Octopus Deploy it is possible to unmask variable secrets using the variable …

medium
5.3
First published (updated )
CVE-2023-2247

Octopus Octopus DeployAn Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (an…

medium
6.5
First published (updated )
CVE-2019-8944

Octopus Octopus ServerSSRF

medium
5.5
First published (updated )
CVE-2022-2416

Octopus Octopus ServerIn affected versions of Octopus Deploy it is possible for a low privileged guest user to interact wi…

medium
5.5
First published (updated )
CVE-2022-2346

Octopus Octopus ServerIn affected versions of Octopus Server it is possible for the OpenID client secret to be logged in c…

high
7.5
First published (updated )
CVE-2023-1904

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus ServerIn Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do n…

critical
9.8
First published (updated )
CVE-2018-11320

Octopus Octopus DeployIn Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions ma…

medium
6.5
First published (updated )
CVE-2018-12884

Octopus Octopus ServerInfoleak

high
7.5
First published (updated )
CVE-2018-12089

Octopus Octopus ServerIn Octopus Deploy 2018.8.0 through 2018.9.x before 2018.9.1, an authenticated user with permission t…

critical
9
First published (updated )
CVE-2018-18850

Octopus Octopus DeployInfoleak

medium
5.5
First published (updated )
CVE-2018-10581

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus DeployIn Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against th…

high
7.5
First published (updated )
CVE-2018-10550

Octopus Octopus DeployIn Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissio…

medium
6.5
First published (updated )
CVE-2018-9039

Octopus Octopus DeployAn issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can m…

high
8.8
First published (updated )
CVE-2018-5706

Octopus Octopus DeployIn Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit p…

high
8.8
First published (updated )
CVE-2018-4862

Octopus Octopus DeployInput Validation, Null Pointer Dereference

medium
6.5
First published (updated )
CVE-2019-19376

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus DeployCSRF

medium
5.3
First published (updated )
CVE-2019-19375

Octopus Octopus DeployMalicious File Upload

medium
4.3
First published (updated )
CVE-2019-19084

Octopus ServerXSS

medium
5.4
First published (updated )
CVE-2019-19085

Octopus Octopus ServerIn Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with Va…

medium
4.3
First published (updated )
CVE-2019-15698

Octopus ServerIn Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticate…

medium
6.5
First published (updated )
CVE-2019-15508

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus ServerIn Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenti…

medium
6.5
First published (updated )
CVE-2019-15507

Octopus Octopus DeployIn Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authen…

medium
4.9
First published (updated )
CVE-2019-14525

Octopus Octopus DeployIn Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authentica…

medium
6.5
First published (updated )
CVE-2019-14268

Octopus Octopus DeployIn Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user wit…

high
8.1
First published (updated )
CVE-2019-11632

Octopus Octopus DeployAn issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may a…

high
7.5
First published (updated )
CVE-2020-27155

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Octopus Octopus DeployIn Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modif…

medium
6.1
First published (updated )
CVE-2020-26161

Octopus Octopus DeployIn Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in…

high
7.5
First published (updated )
CVE-2020-25825

Octopus Octopus DeployIn Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user cr…

high
7.5
First published (updated )
CVE-2020-24566

Octopus Octopus ServerAn issue was discovered in Octopus Deploy 3.4. A deployment target can be configured with an Account…

medium
4.3
First published (updated )
CVE-2020-16197

Octopus Octopus DeployIn Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger…

medium
6.5
First published (updated )
CVE-2020-14470

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203