Security: theonedev/onedev
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Post-Auth Unsafe Yaml deserializationGHSA-7xhq-m2q9-6hpm published
Jan 11, 2021 by robinshineHigh -
Post-Auth Arbitrary Code execution via Groovy script injectionGHSA-gwp4-5498-hv5f published
Jan 11, 2021 by robinshineHigh -
Post-Auth Unsafe Deserialization on BasePage (AJAX)GHSA-6pxf-75cf-vwjp published
Jan 11, 2021 by robinshineCritical -
Pre-Auth Access token leakGHSA-66v7-gg85-f4gx published
Jan 11, 2021 by robinshineCritical -
Pre-Auth Arbitrary File UploadGHSA-62m2-38q5-96w9 published
Jan 11, 2021 by robinshineCritical -
Pre-Auth SSTI via Bean validation message tamperingGHSA-vm26-xg39-cfj4 published
Jan 11, 2021 by robinshineCritical -
Pre-Auth Unsafe Deserialization on KubernetesResourceGHSA-9mmq-fm8c-q4fv published
Jan 11, 2021 by robinshineCritical -
Pre-Auth Unsafe Deserialization on AttachmentUploadServetGHSA-5q3q-f373-2jv8 published
Jan 11, 2021 by robinshineCritical
Learn more about advisories related to theonedev/onedev in the GitHub Advisory Database