VYPR
Unrated severityNVD Advisory· Published Oct 21, 2024· Updated Oct 21, 2024

OneDev vulnerable to arbitrary file reading for unauthenticated user

CVE-2024-45309

Description

OneDev is a Git server with CI/CD, kanban, and packages. A vulnerability in versions prior to 11.0.9 allows unauthenticated users to read arbitrary files accessible by the OneDev server process. This issue has been fixed in version 11.0.9.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Theonedev/Onedevllm-fuzzy2 versions
    < 11.0.9+ 1 more
    • (no CPE)range: < 11.0.9
    • (no CPE)range: < 11.0.9

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.