Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2019-8944

An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (and before 2018.10.4 LTS) allows remote authenticated users to view sensitive Terraform output variables via log files.

Published: Feb 20, 2019
Updated: Nov 9, 2025
CVE: CVE-2019-8944
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
octopus / octopus_deploy	2018.10.3	2018.10.3.x
octopus / octopus_deploy	2018.10.2	2018.10.2.x
octopus / octopus_deploy	2018.10.1	2018.10.1.x
octopus / octopus_deploy	2018.10.0	2018.10.0.x
octopus / octopus_deploy	-	2018.9.17.x
octopus / octopus_server	2018.11.0	2019.1.8

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo