EUVD-2024-44565

Malicious code in bioql PyPI...

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

CVE-2024-4811

CVE-2024-4811 affects Octopus Server. Affected versions expose a security issue where a user with specific role assignments can access restricted project artifacts under certain conditions. The CVSS 3.1 base score is 2.2 (LOW) with vectors: AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N; attack vector is NE...

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from a user with a specific role assignment having access to restricted project artifacts under certain conditions...

PT-2024-32991 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue allows a user with specific role assignments to access restricted project artifacts under certain conditions. Recommendations: At the moment, there is no information about ...

Shopify: CircleCI token in github repo allows for access to sensitive build information

While looking through some Shopify Github repos I came across the following CircleCI token: ca84774a88598f639b174d498c219163e04adbb2 in the js-buy-sdk repo. curl https://circleci.com/api/v1.1/me?circle-token=ca84774a88598f639b174d498c219163e04adbb2 returns information about the user which confirm...