11 matches found
EUVD-2019-6495
Malware in sbrugna...
EUVD-2019-6496
Malware in sbrugna...
EUVD-2019-5503
Malware in sbrugna...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
CVE-2019-14268
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
Octopus Deploy Log Message Disclosure Vulnerability
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. Octopus Deploy suffers from a log information disclosure vulnerability that originates when the program writes the Web Request Proxy password in plaintext to the...
CVE-2019-14268
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...
Cross site request forgery (csrf)
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...
CVE-2019-14268
CVE-2019-14268 affects Octopus Deploy versions 3.0.19 through 2019.7.2 where, if a web request proxy is configured, an authenticated user could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. The issue is fixed in 2019.7.3, with the fix back-por...