Posts | Octopus Deploy Security Advisories

Security Advisory 2022-05

Jun 13, 2022 · Vulnerability/Broken Access Control Severity/medium CVSS/5.7

Script Console Access via Private Space in Octopus Server (CVE-2022-2013)
Read More
Security Advisory 2022-04

May 19, 2022 · Vulnerability/Abnormal invite code functionality Severity/Low CVSS/3.4

User invitation limit in Octopus Server can be exceeded (CVE-2022-1670)
Read More
Security Advisory 2022-03

May 4, 2022 · Vulnerability/Broken-Access-Control Severity/medium CVSS/6.4

Broken access control in API for projects using Git VCS (CVE-2022-1502)
Read More
Security Advisory 2022-02

Feb 7, 2022 · Vulnerability/Open-Redirect Severity/medium CVSS/4.3

Open Redirect Vulnerability in Octopus Server (CVE-2022-23184)
Read More
Security Advisory 2022-01

Jan 19, 2022 · Vulnerability/Clear-Text-Storage-Of-Sensitive-Value Severity/medium CVSS/6.3

Cleartext Storage of Sensitive Information in Octopus Tentacle Windows Docker image (CVE-2021-31821)
Read More
Security Advisory 2021-17

Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Java Client SDK log4j 2.16.0 dependency (CVE-2021-45105)
Read More
Security Advisory 2021-16

Dec 20, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Deploy TeamCity Plugin log4j 2.16.0 dependency (CVE-2021-45105)
Read More
Security Advisory 2021-15

Dec 15, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Java Client SDK log4j 2.15.0 dependency (CVE-2021-45046)
Read More
Security Advisory 2021-14

Dec 15, 2021 · Vulnerability/Vulnerable-Dependency Severity/Low

Octopus Deploy TeamCity Plugin log4j 2.15.0 dependency (CVE-2021-45046)
Read More
Security Advisory 2021-13

Dec 13, 2021 · Vulnerability/Vulnerable-Dependency Severity/Medium

Octopus Java Client SDK log4j2 dependency (CVE-2021-44228)
Read More
- 1
- 2
- 3