Octopus Deploy Security Advisories
Home
Advisories icon
2021 2022
Severity Levels
Disclosure Policy
  • Security Advisory 2022-05

    Jun 13, 2022 · Vulnerability/Broken Access Control Severity/medium CVSS/5.7

    Script Console Access via Private Space in Octopus Server (CVE-2022-2013)

    Read More
  • Security Advisory 2022-04

    May 19, 2022 · Vulnerability/Abnormal invite code functionality Severity/Low CVSS/3.4

    User invitation limit in Octopus Server can be exceeded (CVE-2022-1670)

    Read More
  • Security Advisory 2022-03

    May 4, 2022 · Vulnerability/Broken-Access-Control Severity/medium CVSS/6.4

    Broken access control in API for projects using Git VCS (CVE-2022-1502)

    Read More
  • Security Advisory 2022-02

    Feb 7, 2022 · Vulnerability/Open-Redirect Severity/medium CVSS/4.3

    Open Redirect Vulnerability in Octopus Server (CVE-2022-23184)

    Read More
  • Security Advisory 2022-01

    Jan 19, 2022 · Vulnerability/Clear-Text-Storage-Of-Sensitive-Value Severity/medium CVSS/6.3

    Cleartext Storage of Sensitive Information in Octopus Tentacle Windows Docker image (CVE-2021-31821)

    Read More
  • Security Advisory 2021-17

    Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

    Octopus Java Client SDK log4j 2.16.0 dependency (CVE-2021-45105)

    Read More
  • Security Advisory 2021-16

    Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

    Octopus Deploy TeamCity Plugin log4j 2.16.0 dependency (CVE-2021-45105)

    Read More
  • Security Advisory 2021-15

    Dec 15, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

    Octopus Java Client SDK log4j 2.15.0 dependency (CVE-2021-45046)

    Read More
  • Security Advisory 2021-14

    Dec 15, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

    Octopus Deploy TeamCity Plugin log4j 2.15.0 dependency (CVE-2021-45046)

    Read More
  • Security Advisory 2021-13

    Dec 13, 2021 · Vulnerability/Vulnerable-Dependency Severity/Medium

    Octopus Java Client SDK log4j2 dependency (CVE-2021-44228)

    Read More
    • ««
    • «
    • 1
    • 2
    • 3
    • »
    • »»

Recent Security Advisories

  • Security Advisory 2022-05
  • Security Advisory 2022-04
  • Security Advisory 2022-03
  • Security Advisory 2022-02
  • Security Advisory 2022-01
  • Security Advisory 2021-17
  • Security Advisory 2021-16
  • Security Advisory 2021-15

Products

OCTOPUS-SERVER 12 OCTOPUS-DEPLOY-TEAMCITY-PLUGIN 3 OCTOPUS-JAVA-SDK 3 OCTOPUS-TENTACLE 3 HALIBUT 1

Tags

SEVERITY/MEDIUM 9 SEVERITY/HIGH 7 SEVERITY/LOW 6 VULNERABILITY/VULNERABLE-DEPENDENCY 6 VULNERABILITY/CLEAR-TEXT-STORAGE-OF-SENSITIVE-VALUE 5 VULNERABILITY/LOCAL-PRIVILEGE-ESCALATION 3 VULNERABILITY/REMOTE-CODE-EXECUTION 3 VULNERABILITY/BROKEN-ACCESS-CONTROL 2 CVSS/3.4 1 CVSS/4.3 1 CVSS/5.7 1 CVSS/6.3 1 CVSS/6.4 1 VULNERABILITY/ABNORMAL-INVITE-CODE-FUNCTIONALITY 1
All Tags
CVSS/3.41 CVSS/4.31 CVSS/5.71 CVSS/6.31 CVSS/6.41 SEVERITY/HIGH7 SEVERITY/LOW6 SEVERITY/MEDIUM9 VULNERABILITY/ABNORMAL-INVITE-CODE-FUNCTIONALITY1 VULNERABILITY/BROKEN-ACCESS-CONTROL2 VULNERABILITY/CLEAR-TEXT-STORAGE-OF-SENSITIVE-VALUE5 VULNERABILITY/LOCAL-PRIVILEGE-ESCALATION3 VULNERABILITY/OPEN-REDIRECT1 VULNERABILITY/REMOTE-CODE-EXECUTION3 VULNERABILITY/SQL-INJECTION1 VULNERABILITY/VULNERABLE-DEPENDENCY6
[A~Z][0~9]
 Octopus Deploy Security Advisories

Copyright   OCTOPUS DEPLOY SECURITY ADVISORIES. All Rights Reserved