1109 matches found
CVE-2026-4881
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
[SECURITY] Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-7.fc43
Reimplementation of RNP's interface using Sequoia for use with Thunderbird...
CVE-2026-4881
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
CVE-2026-4881
Octopus Server is affected by CVE-2026-4881 due to permissions not being checked correctly in a specific API endpoint, allowing any authenticated user to perform server-level changes and receive an error. Affected software is Octopus Server; vulnerable component/behavior is the permission check i...
CVE-2026-4881
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
CVE-2026-4881
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
EUVD-2026-34227
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
CVE-2026-4881
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
PT-2026-46172
In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...
[SECURITY] Fedora 42 Update: rust-sequoia-octopus-librnp-1.11.1-6.fc42
Reimplementation of RNP's interface using Sequoia for use with Thunderbird...
[SECURITY] Fedora 44 Update: rust-sequoia-octopus-librnp-1.11.1-6.fc44
Reimplementation of RNP's interface using Sequoia for use with Thunderbird...
EUVD-2026-12544
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In Octopus Server, a low-privileged user could exploit an API endpoint with insufficient permission validation to modify the signing key expiration and revocation time frames. The issue affects the API layer but does not allow exposure of signing keys. CVSS v4.0 base score 2.3 (LOW) with network ...
Octopus Server 安全漏洞
Octopus Server is a deployment automation and release management tool provided by the Australian company Octopus, designed for continuous delivery. There is a security vulnerability in Octopus Server, which stems from incorrect permission validation for API endpoints. This vulnerability could all...
CVE-2026-3236
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...
EUVD-2026-9817
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...