Lucene search
K

26 matches found

Vulnrichment
Vulnrichment
added 2022/09/13 6:50 p.m.5 views

CVE-2022-39206 CI/CD Docker Escape in OneDev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...

9.9CVSS9.7AI score0.0165EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/09/13 6:50 p.m.9 views

CVE-2022-39207 Persistent XSS in OneDev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. During CI/CD builds, it is possible to save build artifacts for later retrieval. They can be accessed through OneDev's web UI after the successful run of a build. These artifact files are served by the webserver in the same...

5.4CVSS5.9AI score0.00722EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/09/13 6:30 p.m.2 views

CVE-2022-39205 Access Control Bypass in Onedev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. In versions of Onedev prior to 7.3.0 unauthenticated users can take over a OneDev instance if there is no properly configured reverse proxy. The /git-prereceive-callback endpoint is used by the pre-receive git hook on the...

9CVSS9.9AI score0.01756EPSS
Exploits1References4
CNVD
CNVD
added 2021/01/18 12:0 a.m.2 views

Theonedev Onedev Code Issue Vulnerability

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A code issue vulnerabili...

10CVSS7.2AI score0.01198EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.7 views

Theonedev Onedev 代码注入漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. OneDev version before 4.0.3 has a...

9.6CVSS7.4AI score0.01451EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.7 views

Theonedev Onedev 信息泄露漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev Onedev versions prior to...

8.6CVSS7.1AI score0.49051EPSS
Exploits0References3
Rows per page
Query Builder