CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message.

Published: Feb 11, 2025
Updated: Jul 3, 2025
CVE: CVE-2025-0513
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
octopus / octopus_server	2024.3.164	2024.3.12985
octopus / octopus_server	2024.4.401	2024.4.6962

https://advisories.octopus.com/post/2024/sa2025-04/

Vulnerability Database

CVE-2025-0513