Unrated severityNVD Advisory· Published Nov 28, 2019· Updated Aug 5, 2024
CVE-2019-19375
CVE-2019-19375
Description
In Octopus Deploy before 2019.10.7, in a configuration where SSL offloading is enabled, the CSRF cookie was sometimes sent without the secure attribute. (The fix for this was backported to LTS versions 2019.6.14 and 2019.9.8.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Octopus Deploy/Octopus Deploydescription
- Range: <2019.10.7
Patches
Vulnerability mechanics
References
1- github.com/OctopusDeploy/Issues/issues/5998mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.