Security: theonedev/onedev
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Arbitrary file reading for unauthenticated userGHSA-7wg5-6864-v489 published
Oct 19, 2024 by robinshineCritical -
Random algorithm used to generate access token and password reset is not strong enoughGHSA-jf5c-9r77-3j5j published
Feb 7, 2023 by robinshineHigh -
Git Repository DisclosureGHSA-h427-rv56-c9h2 published
Sep 13, 2022 by robinshineHigh -
Persistent XSSGHSA-27fw-gv88-qrpg published
Sep 13, 2022 by robinshineHigh -
CI/CD Docker EscapeGHSA-gjq9-4xx9-cr3q published
Sep 13, 2022 by robinshineHigh -
Access Control Bypass can lead to Remote Code ExecutionGHSA-4f9h-h82c-4xm2 published
Sep 13, 2022 by robinshineHigh -
LDAP injection via OneDev may leak some LDAP directory informationGHSA-5864-2496-4xjf published
May 29, 2021 by robinshineLow -
XSS vulnerability via published html report in build specGHSA-x32j-7pm6-fp8w published
Jan 30, 2021 by robinshineModerate -
ZipSlip Arbitrary File UploadGHSA-2w6j-wc8c-9mq2 published
Jan 11, 2021 by robinshineModerate -
Post-Auth External Entity Expansion (XXE)GHSA-9pph-8gfc-6w2r published
Jan 11, 2021 by robinshineModerate
Learn more about advisories related to theonedev/onedev in the GitHub Advisory Database