CVE-2023-33966 Deno missing "--allow-net" permission check for built-in Node modules

Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and denoruntime 0.114.0, outbound HTTP requests made using the built-in node:http or node:https modules are incorrectly not checked against the network permission allow list --allow-net. Dependencies relying on these built-in modules...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

Code injection

In affected versions of Octopus Deploy it is possible to discover network details via error message...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

PT-2023-15886 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows discovery of network details via error messages in affected versions of the software. Recommendations: At the moment, there is no information about a newer version...

CVE-2022-4870

CVE-2022-4870 affects Octopus Deploy; the issue is information disclosure via error messages that reveal network details. The provided documents confirm the vulnerability is tied to Octopus Deploy and involve disclosure of network information through error output. Exploitation status is not detai...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

Octopus Deploy 安全漏洞

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from the ability to discover network details via error messages...

CVE-2022-4008

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

CVE-2022-4008

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

Denial of service

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

CVE-2022-4008

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

Octopus Deploy 资源管理错误漏洞

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. Octopus Deploy suffers from a security vulnerability that stems from the possibility of uploading zipbomb files as a task that leads to a denial of service...

CVE-2022-4008

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

PT-2023-13748 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows an attacker to upload a zipbomb file as a task, resulting in Denial of Service. Recommendations: At the moment, there is no information about a newer version that...

CVE-2022-4008

CVE-2022-4008 affects Octopus Deploy. The vulnerability allows uploading a zipbomb file as a task, leading to Denial of Service (DoS). Public records in the provided documents confirm Octopus Deploy is the affected software and cite DoS as the impact. Exploitation status is not detailed in the su...

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2023-37161)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

CVE-2022-43877

IBM UrbanCode Deploy UCD versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148...