Octopus Deploy Security Advisories

Security Advisory 2022-07

Jul 15, 2022 · Vulnerability/Stored XSS Severity/medium CVSS/6.8

Stored Cross-Site Scripting (XSS) in Octopus Server help sidebar (CVE-2022-29890)
Read More
Security Advisory 2022-06

Jul 15, 2022 · Vulnerability/Insecure Direct Object Reference (IDOR) Severity/medium CVSS/6.5

Insecure Direct Object Reference (IDOR) of Project Exports in Octopus Server (CVE-2022-1881)
Read More
Security Advisory 2022-05

Jun 13, 2022 · Vulnerability/Broken Access Control Severity/medium CVSS/5.7

Script Console Access via Private Space in Octopus Server (CVE-2022-2013)
Read More
Security Advisory 2022-04

May 19, 2022 · Vulnerability/Abnormal invite code functionality Severity/Low CVSS/3.4

User invitation limit in Octopus Server can be exceeded (CVE-2022-1670)
Read More
Security Advisory 2022-03

May 4, 2022 · Vulnerability/Broken-Access-Control Severity/medium CVSS/6.4

Broken access control in API for projects using Git VCS (CVE-2022-1502)
Read More
Security Advisory 2022-02

Feb 7, 2022 · Vulnerability/Open-Redirect Severity/medium CVSS/4.3

Open Redirect Vulnerability in Octopus Server (CVE-2022-23184)
Read More
Security Advisory 2022-01

Jan 19, 2022 · Vulnerability/Clear-Text-Storage-Of-Sensitive-Value Severity/medium CVSS/6.3

Cleartext Storage of Sensitive Information in Octopus Tentacle Windows Docker image (CVE-2021-31821)
Read More
Security Advisory 2021-17

Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Java Client SDK log4j 2.16.0 dependency (CVE-2021-45105)
Read More
Security Advisory 2021-16

Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Deploy TeamCity Plugin log4j 2.16.0 dependency (CVE-2021-45105)
Read More
Security Advisory 2021-15

Dec 15, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Java Client SDK log4j 2.15.0 dependency (CVE-2021-45046)
Read More
- 3
- 4
- 5
- 6
- 7