CPE-7A539C9B-6890-4C6B-9716-076F7D37F105 Detail

CPE Details

Octopus Server 3.2.13

Vendor

octopus

Product

octopus_server

Version

3.2.13

Created

2022-07-27
12h50 +00:00

Modified

2022-07-27
13h17 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:octopus:octopus_server:3.2.13:::::::*

Informations

Vendor

octopus

Product

octopus_server

Version

3.2.13

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-4870	2023-05-17 22h00 +00:00	In affected versions of Octopus Deploy it is possible to discover network details via error message	5.3	Medium
CVE-2022-4008	2023-05-10 00h00 +00:00	In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service	5.5	Medium
CVE-2022-2507	2023-04-19 00h00 +00:00	In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage	5.3	Medium
CVE-2022-4009	2023-03-16 00h00 +00:00	In affected versions of Octopus Deploy it is possible for a user to introduce code via offline package creation	8.8	High
CVE-2022-2883	2023-02-22 00h00 +00:00	In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service	7.5	High
CVE-2022-2508	2022-10-26 22h00 +00:00	In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging.	5.3	Medium
CVE-2022-2782	2022-10-25 22h00 +00:00	In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters.	9.1	Critical
CVE-2022-2781	2022-10-05 22h00 +00:00	In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.	5.3	Medium
CVE-2022-2778	2022-09-29 22h00 +00:00	In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes.	9.8	Critical
CVE-2022-2528	2022-09-09 05h50 +00:00	In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages.	6.5	Medium
CVE-2022-2075	2022-08-19 07h10 +00:00	In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation.	7.5	High
CVE-2022-2074	2022-08-19 07h00 +00:00	In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template.	7.5	High
CVE-2022-2049	2022-08-19 06h45 +00:00	In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function.	7.5	High
CVE-2022-30532	2022-07-19 04h50 +00:00	In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy.	5.3	Medium
CVE-2022-1670	2022-05-19 02h25 +00:00	When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users.	7.5	High

Octopus Server 3.2.13

CPE Details

CPE Name: cpe:2.3:a:octopus:octopus_server:3.2.13:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:octopus:octopus_server:3.2.13:::::::*