CVE-2024-45309 – OneDev vulnerable to arbitrary file reading for unauthenticated user
https://notcve.org/view.php?id=CVE-2024-45309
OneDev is a Git server with CI/CD, kanban, and packages. A vulnerability in versions prior to 11.0.9 allows unauthenticated users to read arbitrary files accessible by the OneDev server process. This issue has been fixed in version 11.0.9. • https://github.com/theonedev/onedev/commit/4637aaac8c70d41aa789b7fce208b75c6a7b711f https://github.com/theonedev/onedev/security/advisories/GHSA-7wg5-6864-v489 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-24828 – Use of Cryptographically Weak Pseudo-Random Number Generator in Onedev
https://notcve.org/view.php?id=CVE-2023-24828
Onedev is a self-hosted Git server with CI/CD and Kanban. In versions prior to 7.9.12, the algorithm used to generate access tokens and password reset keys was not cryptographically secure. Existing normal users (or everyone, if self-registration is allowed) may exploit this to elevate privilege and obtain administrator permission. This issue has been addressed in version 7.9.12. Users are advised to upgrade. • https://github.com/theonedev/onedev/commit/d67dd9686897fe5e4ab881d749464aa7c06a68e5 https://github.com/theonedev/onedev/security/advisories/GHSA-jf5c-9r77-3j5j • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CVE-2022-38301
https://notcve.org/view.php?id=CVE-2022-38301
Onedev v7.4.14 contains a path traversal vulnerability which allows attackers to access restricted files and directories via uploading a crafted JAR file into the directory /opt/onedev/lib. • https://github.com/theonedev/onedev/commit/5b6a19c1f7fe9c271acc4268bcd261a9a1cbb3ea https://research.loginsoft.com/vulnerability/path-traversal-in-onedev-v7-4-14 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')