theonedev Latest Vulnerabilities
Latest vulnerabilities published by theonedev
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Insecure File Access in OneDev Git Server by The OneDev Team
CVE-2026-44647TheonedevOnedev7.1HIGHUse of Cryptographically Weak Pseudo-Random Number Generator in Onedev
CVE-2023-24828TheonedevOnedev8.1HIGHCI/CD Docker Escape in OneDev
CVE-2022-39206TheonedevOnedev9.9CRITICALPersistent XSS in OneDev
CVE-2022-39207TheonedevOnedev5.4MEDIUMGit Repository Disclosure in Onedev
CVE-2022-39208TheonedevOnedev7.5HIGHAccess Control Bypass in Onedev
CVE-2022-39205TheonedevOnedev9CRITICALLDAP injection via OneDev may leak some LDAP directory information
CVE-2021-32651TheonedevOnedev3.1LOWPre-Auth Arbitrary File Upload
CVE-2021-21245TheonedevOnedev10CRITICALPre-Auth Access token leak
CVE-2021-21246TheonedevOnedevEPSS 24%8.6HIGHPost-Auth Unsafe Deserialization on BasePage (AJAX)
CVE-2021-21247TheonedevOnedev9.6CRITICALPost-Auth Unsafe Yaml deserialization
CVE-2021-21249TheonedevOnedev9.6CRITICALPost-Auth Arbitrary Code execution via Groovy script injection
CVE-2021-21248TheonedevOnedev9.6CRITICALPost-Auth External Entity Expansion (XXE)
CVE-2021-21250TheonedevOnedev7.7HIGHZipSlip Arbitrary File Upload
CVE-2021-21251TheonedevOnedev7.7HIGHPre-Auth Unsafe Deserialization on AttachmentUploadServet
CVE-2021-21242TheonedevOnedevEPSS 40%10CRITICALPre-Auth Unsafe Deserialization on KubernetesResource
CVE-2021-21243TheonedevOnedev10CRITICALPre-Auth SSTI via Bean validation message tampering
CVE-2021-21244TheonedevOnedev10CRITICAL