CPE Details
Octopus Server 2022.4.8377
2022.4.8377
2023-03-01
17h37 +00:00
17h37 +00:00
2023-03-01
18h50 +00:00
18h50 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:octopus:octopus_server:2022.4.8377:*:*:*:*:*:*:*
Informations
Vendor
octopusProduct
octopus_serverVersion
2022.4.8377Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server. | 7.5 |
Haute |
||
| In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment. | 5.5 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible for a low privileged guest user to interact with extension endpoints. | 5.5 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible to discover network details via error message | 5.3 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | 5.5 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage | 5.3 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items | 4.3 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible for a user to view Workerpools without being explicitly assigned permissions to view these items | 4.3 |
Moyen |
||
| In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service | 7.5 |
Haute |
2025©
tesweb SA
