Octopus Server Security Update Advisory (CVE-2024-9194)

Oct 07 2024

Overview

An update has been released to address vulnerabilities in Octopus Server. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-9194

Octopus Server versions: 2024.1.x (inclusive) ~ 2024.1.13038 (excluded) (Linux, Microsoft Window)
Octopus Server versions: 2024.2.x (inclusive) ~ 2024.2.9482 (excluded) (Linux, Microsoft Window)
Octopus Server versions: 2024.3.x (inclusive) ~ 2024.3.12766 (excluded) (Linux, Microsoft Window)

Resolved Vulnerabilities

SQL Injection vulnerability in Octopus Server running on Linux and Microsoft Windows (CVE-2024-9194)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available with the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-9194

Octopus Server version: 2024.1.13038 (Linux, Microsoft Window)
Octopus Server version: 2024.2.9482 (Linux, Microsoft Window)
Octopus Server version: 2024.3.12766 (Linux, Microsoft Window)

References

[1] Security Advisory 2024-09

https://advisories.octopus.com/post/2024/sa2024-09/

Octopus Server Security Update Advisory (CVE-2024-9194)

Cisco Family October 2024 First Round Security Update Advisory

Microsoft Edge browser (129.0.2792.79) version security update advisory

Tags:

Cisco Family October 2024 First Round Security Update Advisory

Microsoft Edge browser (129.0.2792.79) version security update advisory