theonedev Summary
Latest vulnerabilities published by theonedev
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
theonedev Pull Request issues canAccessIssue improper authorization
CVE-2026-11441TheonedevOnedev5.3MEDIUMtheonedev REST API default-branch improper authorization
CVE-2026-11440TheonedevOnedev5.3MEDIUMtheonedev Parent Project projects improper authorization
CVE-2026-11439TheonedevOnedev5.3MEDIUMtheonedev projects improper authorization
CVE-2026-11438TheonedevOnedev5.3MEDIUMInsecure File Access in OneDev Git Server by The OneDev Team
CVE-2026-44647TheonedevOnedev7.1HIGHUse of Cryptographically Weak Pseudo-Random Number Generator in Onedev
CVE-2023-24828TheonedevOnedev8.1HIGHCI/CD Docker Escape in OneDev
CVE-2022-39206TheonedevOnedev9.9CRITICALPersistent XSS in OneDev
CVE-2022-39207TheonedevOnedev5.4MEDIUMGit Repository Disclosure in Onedev
CVE-2022-39208TheonedevOnedev7.5HIGHAccess Control Bypass in Onedev
CVE-2022-39205TheonedevOnedev9CRITICALLDAP injection via OneDev may leak some LDAP directory information
CVE-2021-32651TheonedevOnedev3.1LOWPre-Auth Arbitrary File Upload
CVE-2021-21245TheonedevOnedev10CRITICALPre-Auth Access token leak
CVE-2021-21246TheonedevOnedevEPSS 24%8.6HIGHPost-Auth Unsafe Deserialization on BasePage (AJAX)
CVE-2021-21247TheonedevOnedev9.6CRITICALPost-Auth Unsafe Yaml deserialization
CVE-2021-21249TheonedevOnedev9.6CRITICALPost-Auth Arbitrary Code execution via Groovy script injection
CVE-2021-21248TheonedevOnedev9.6CRITICALPost-Auth External Entity Expansion (XXE)
CVE-2021-21250TheonedevOnedev7.7HIGHZipSlip Arbitrary File Upload
CVE-2021-21251TheonedevOnedev7.7HIGHPre-Auth Unsafe Deserialization on AttachmentUploadServet
CVE-2021-21242TheonedevOnedevEPSS 40%10CRITICALPre-Auth Unsafe Deserialization on KubernetesResource
CVE-2021-21243TheonedevOnedev10CRITICALPre-Auth SSTI via Bean validation message tampering
CVE-2021-21244TheonedevOnedev10CRITICAL