Lucene search
+L

193 matches found

Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.7 views

PT-2021-14358 · Onedev · Onedev

Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: OneDev is an all-in-one devops platform with a critical issue involving the build endpoint parameters. The InputSpec is used to define parameters of a Build spec, utilizing dynamically generated...

9.6CVSS9.3AI score0.01451EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.9 views

PT-2021-14354 · Onedev · Onedev

Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: The issue is related to a pre-auth server side template injection via Bean validation message tampering in OneDev, an all-in-one devops platform. This was fixed in version 4.0.3 by disabling...

10CVSS9.4AI score0.01494EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.5 views

Theonedev Onedev Security Breach

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. OneDev before version 4.0.3 has a...

7.7CVSS6.7AI score0.00932EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.6 views

Theonedev Onedev 代码代码注入漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev An injection vulnerabili...

10CVSS7.3AI score0.01494EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.9 views

Theonedev Onedev 路径遍历漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev Onedev versions prior to...

8.8CVSS7.3AI score0.12163EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.8 views

Theonedev Onedev 代码问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev An injection vulnerabili...

10CVSS7.4AI score0.74191EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.11 views

Theonedev Onedev Code Issue Vulnerability

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. A code issue vulnerability exists ...

9.6CVSS7.4AI score0.01502EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.9 views

Theonedev Onedev 代码问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. OneDev versions prior to 4.0.3 hav...

9.6CVSS7.4AI score0.02932EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.7 views

Theonedev Onedev 代码问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A code issue vulnerabili...

10CVSS7.5AI score0.01198EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.8 views

Theonedev Onedev 信息泄露漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev Onedev versions prior to...

8.6CVSS7.1AI score0.49051EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.7 views

PT-2021-14356

Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: OneDev is an all-in-one devops platform. The REST UserResource endpoint performs a security check to ensure only administrators can list user details. However, the /users/id endpoint lacks security...

8.6CVSS5.7AI score0.49051EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.9 views

PT-2021-14361

Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: OneDev is an all-in-one devops platform with a critical "zip slip" vulnerability that may lead to arbitrary file write. The KubernetesResource REST endpoint untars user-controlled data from the...

8.8CVSS7.3AI score0.12163EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/01/15 12:0 a.m.7 views

Theonedev Onedev 代码问题漏洞

Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A security vulnerability...

10CVSS7.3AI score0.54494EPSS
Exploits0References3
Rows per page
Query Builder