EUVD-2021-8629

Malicious code in bioql PyPI...

CVE-2021-21246 Pre-Auth Access token leak

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the /users/id endpoint there are no security checks enforced so it is possible to retrieve...