4 matches found
CVE-2019-15507
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
Cross site request forgery (csrf)
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
CVE-2019-15507
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
CVE-2019-15507
Octopus Deploy exposes a vulnerability (CVE-2019-15507) affecting versions 2018.8.4 to 2019.7.6 where, if a web request proxy is configured and the user is authenticated, a deployment could cause the web proxy password to be logged in cleartext. The issue is fixed in 2019.7.7, with back-ports to ...