CVE-2024-1656
LOWDescription
Affected versions of Octopus Server had a weak content security policy.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| octopus | octopus_server |
| linux | linux_kernel |
| microsoft | windows |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-1656? +
How severe is CVE-2024-1656? +
What products are affected by CVE-2024-1656? +
How do I check if I'm vulnerable to CVE-2024-1656? +
Related Vulnerabilities
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server …
A race condition was identified through which privilege escalation was possible in certain configurations.
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication …
In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target …
In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the …
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an …