Unrated severityNVD Advisory· Published Oct 21, 2024· Updated Oct 21, 2024
OneDev vulnerable to arbitrary file reading for unauthenticated user
CVE-2024-45309
Description
OneDev is a Git server with CI/CD, kanban, and packages. A vulnerability in versions prior to 11.0.9 allows unauthenticated users to read arbitrary files accessible by the OneDev server process. This issue has been fixed in version 11.0.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/theonedev/onedev/commit/4637aaac8c70d41aa789b7fce208b75c6a7b711fmitrex_refsource_MISC
- github.com/theonedev/onedev/security/advisories/GHSA-7wg5-6864-v489mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.