CVE-2025-0525

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server.

Published: Feb 11, 2025
Updated: Jul 3, 2025
CVE: CVE-2025-0525
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
octopus / octopus_server	2020.6.4592	2024.3.13007
octopus / octopus_server	2024.4.401	2024.4.6995

https://advisories.octopus.com/post/2024/sa2025-02/

Vulnerability Database

CVE-2025-0525