2314 matches found
Octopus Deploy 安全漏洞
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from the possibility of displaying the space ID of a space that the user is not authorized to view in an...
CVE-2022-2760
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space...
PT-2022-18510 · Unknown · Octopus Deploy
Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows revealing the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space. Recommendations: At the...
@adobe/helix-deploy (>=7.0.0 <=7.0.8) potentially affected by CVE-2022-39218 via @fastly/js-compute (>=0.4.0 <=0.5.2)
@fastly/js-compute NPM version =0.4.0, =7.0.0, =7.0.8 Source cves: CVE-2022-39218 Source advisory: OSV:GHSA-CMR8-5W4C-44V8...
CVE-2022-2528
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...
CVE-2022-2528
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...
CVE-2022-2528
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...
Design/Logic Flaw
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...
CVE-2022-2528
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages...
CVE-2022-2528
CVE-2022-2528 affects Octopus Deploy. The issue allows uploading a package to the built-in feed with insufficient permissions after re-indexing packages. Per NVD, CVSS 3.1 base score 6.5 (Medium) with Network attack vector, low attack complexity, privileges required, no user interaction; impact i...
Octopus Deploy 安全漏洞
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor...
PT-2022-17185 · Unknown · Octopus Deploy
Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows uploading a package to the built-in feed with insufficient permissions after re-indexing packages. Recommendations: At the moment, there is no information about a...
PT-2022-4607 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.10 through 15.1.6 GitLab versions 15.2 through 15.2.4 GitLab versions 15.3 through 15.3.2 Description: The issue is related to incorrect authentication with some Package Registries when IP address restrictions are configure...
Octopus Deploy 安全漏洞
Octopus Deploy is an automation tool for .NET, Java, and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from the ability to bypass login rate limits using null bytes...
CVE-2022-2075
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation...
CVE-2022-2049
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function...
CVE-2022-2074
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template...
CVE-2022-2075
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service targeting the build information request validation...
CVE-2022-2074
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service using the Variable Project Template...
CVE-2022-2049
In affected versions of Octopus Deploy it is possible to perform a Regex Denial of Service via the package upload function...