3 matches found
CVE-2021-21248
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build spec. It does so by using dynamically generated Groovy classes. A user able to control job paramete...
CVE-2021-21248
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build endpoint parameters. InputSpec is used to define parameters of a Build spec. It does so by using dynamically generated Groovy classes. A user able to control job paramete...
PT-2021-14358 · Onedev · Onedev
Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: OneDev is an all-in-one devops platform with a critical issue involving the build endpoint parameters. The InputSpec is used to define parameters of a Build spec, utilizing dynamically generated...