21 matches found
EUVD-2019-6495
Malware in sbrugna...
EUVD-2019-6496
Malware in sbrugna...
EUVD-2021-18695
Malware in sbrugna...
EUVD-2019-5503
Malware in sbrugna...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
CVE-2019-15507
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
CVE-2019-14268
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...
CVE-2021-31820
In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI...
CVE-2021-31820
In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI...
CVE-2019-15507
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
Cross site request forgery (csrf)
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
Cross site request forgery (csrf)
In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user in certain limited special-characters circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.7. T...
CVE-2019-15507
Octopus Deploy exposes a vulnerability (CVE-2019-15507) affecting versions 2018.8.4 to 2019.7.6 where, if a web request proxy is configured and the user is authenticated, a deployment could cause the web proxy password to be logged in cleartext. The issue is fixed in 2019.7.7, with back-ports to ...
CVE-2019-15508
In Octopus Tentacle, versions 3.0.8 through 5.0.0 are affected. When a web request proxy is configured, an authenticated user (under certain limited OctopusPrintVariables circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. The i...
CVE-2019-15508
In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user in certain limited OctopusPrintVariables circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 5.0.1. The f...
Octopus Deploy Log Message Disclosure Vulnerability
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. Octopus Deploy suffers from a log information disclosure vulnerability that originates when the program writes the Web Request Proxy password in plaintext to the...
CVE-2019-14268
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...
Cross site request forgery (csrf)
In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request proxy is configured, an authenticated user in certain limited circumstances could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. This is fixed in 2019.7.3. The fix was back-porte...