Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2022-2760

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.

Published: Sep 28, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-2760
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-209

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
octopus / octopus_server	2022.3.0	2022.3.10405
octopus / octopus_server	2022.2.0	2022.2.7965
octopus / octopus_server	2019.5.7	2022.1.3180

https://advisories.octopus.com/post/2022/sa2022-14/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo