CRLF injection
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build spec. It does so by using dynamically generated Groovy classes. A user able to control job paramete...
CVE-2021-21244
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a vulnerability that enabled pre-auth server-side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3 by disabling validation interpolation...
Authorization
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This issue may lead to pre-auth RCE. This issue...
CVE-2021-21245
CVE-2021-21245 affects OneDev prior to 4.0.3, where AttachmentUploadServlet saves user-controlled data from the request into a user-specified path via the File-Name header. This can enable arbitrary file upload and potential WebShell deployment on the OneDev server. The issue is addressed in 4.0.3 by...
CVE-2021-21246
OneDev before 4.0.3 exposes an insecure REST endpoint: GET /users/{id} lacks authorization checks, enabling retrieval of arbitrary user details and Access Tokens. This permits potential impersonation and sensitive data exposure across projects accessible by the user. The issue is fixed in version...
CVE-2021-21247
OneDev before 4.0.3 embeds an AJAX event listener (AbstractPostAjaxBehavior) on all pages except login, which decodes/deserializes the data parameter via POST. This authenticated vulnerability can be triggered by a logged-in user and may lead to post-auth RCE. The issue is mitigated in version 4....
CVE-2021-21249
CVE-2021-21249 affects OneDev prior to 4.0.3, where YAML parsing with SnakeYaml could deserialize arbitrary classes, enabling post-auth remote code execution. The root cause is unsafe deserialization when not using SafeConstructor, allowing crafted YAML to instantiate user-controlled classes (e.g...
CVE-2021-21248
CVE-2021-21248 affects OneDev before 4.0.3. The vulnerability lies in the build endpoint parameters via InputSpec, which uses dynamically generated Groovy classes; an attacker who controls job parameters can inject Groovy code, leading to arbitrary code execution through a static constructor on t...
CVE-2021-21250
OneDev prior to 4.0.3 is affected by a critical XXE in BuildSpec XML processing: XmlBuildSpecMigrator.migrate(buildSpecString) expands external entities, allowing an attacker to read arbitrary filesystem files (if dumped into YAML properties) or exfiltrate data out of band. The flaw is mitigated ...
CVE-2021-21251
CVE-2021-21251 affects OneDev prior to version 4.0.3, where the KubernetesResource REST endpoint untars user-supplied data via TarUtils (built on Apache Commons Compress). The untar process lacks checks to prevent files from traversing the filesystem and overwriting existing files, enabl...
CVE-2021-21242
CVE-2021-21242 affects OneDev before version 4.0.3. The vulnerability lies in the AttachmentUploadServlet which deserializes untrusted data from the Attachment-Support header and does not enforce authentication/authorization, enabling pre-auth remote code execution. The issue is fixed in 4.0.3 by...
CVE-2021-21244
CVE-2021-21244 affects OneDev before version 4.0.3. A pre-auth server-side template injection occurs via tampering with Bean validation messages, enabling SSTI. The root cause is failure in validation message handling that allows interpolation to be exploited. The issue was fixed in 4.0.3 by disa...
Theonedev Onedev Code Issue Vulnerability
Theonedev Onedev is a Java-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. OneDev versions prior to 4.0.3 hav...
Theonedev Onedev Code Issue Vulnerability
Theonedev Onedev is a Java-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A security vulnerability...
CVE-2020-17145
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability...
CVE-2020-17135
Azure DevOps Server Spoofing Vulnerability...
Spoofing
Azure DevOps Server Spoofing Vulnerability...
Spoofing
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability...