Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
OctopusOctopus Server3.4.0

2 matches found

CVE
CVEadded 2017/07/17 1:18 p.m.42 views

CVE-2017-11348

In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files. This is a directory traversal in the PackageId value.

6.3CVSS5.4AI score0.01014EPSS
CVE
CVEadded 2020/08/25 7:15 p.m.40 views

CVE-2020-16197

An issue was discovered in Octopus Deploy 3.4. A deployment target can be configured with an Account or Certificate that is outside the scope of the deployment target. An authorised user can potentially use a certificate that they are not in scope to use. An authorised user is also able to obtain c...

4.3CVSS4.5AI score0.00124EPSS