onedev project

Top products

The 15 most recently published vulnerabilities affecting onedev project.

• CVE-2024-45309OneDev vulnerable to arbitrary file reading for unauthenticated user7.5Oct 21, 2024
• CVE-2023-24828Use of Cryptographically Weak Pseudo-Random Number Generator in Onedev8.1Feb 7, 2023
• CVE-2022-38301Onedev v7.4.14 contains a path traversal vulnerability which allows attackers to access restricted files and directories via uploading a crafted JAR file into the directory /opt/onedev/lib.8.8Sep 14, 2022
• CVE-2022-39206CI/CD Docker Escape in OneDev9.9Sep 13, 2022
• CVE-2022-39207Persistent XSS in OneDev5.4Sep 13, 2022
• CVE-2022-39208Git Repository Disclosure in Onedev7.5Sep 13, 2022
• CVE-2022-39205Access Control Bypass in Onedev9.0Sep 13, 2022
• CVE-2021-32651LDAP injection via OneDev may leak some LDAP directory information3.1Jun 1, 2021
• CVE-2021-21245Pre-Auth Arbitrary File Upload10.0Jan 15, 2021
• CVE-2021-21246Pre-Auth Access token leak8.6Jan 15, 2021
• CVE-2021-21247Post-Auth Unsafe Deserialization on BasePage (AJAX)9.6Jan 15, 2021
• CVE-2021-21249Post-Auth Unsafe Yaml deserialization9.6Jan 15, 2021
• CVE-2021-21248Post-Auth Arbitrary Code execution via Groovy script injection9.6Jan 15, 2021
• CVE-2021-21250Post-Auth External Entity Expansion (XXE)7.7Jan 15, 2021
• CVE-2021-21251ZipSlip Arbitrary File Upload7.7Jan 15, 2021