Jenkins Octopusdeploy
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Octopusdeploy . Octopusdeploy did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 2 | 6.55 |
2018 | 0 | 0.00 |
It may take a day or so for new Octopusdeploy vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Octopusdeploy Security Vulnerabilities
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they
CVE-2019-1003071
8.8 - High
- April 04, 2019
Jenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Missing Encryption of Sensitive Data
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java
CVE-2019-1003027
4.3 - Medium
- February 20, 2019
A server-side request forgery vulnerability exists in Jenkins OctopusDeploy Plugin 1.8.1 and earlier in OctopusDeployPlugin.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL and obtain the HTTP response code if successful, and exception error message otherwise.
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Octopusdeploy or by Jenkins? Click the Watch button to subscribe.