OneDev Security Update Advisory (CVE-2024-45309)

Oct 29 2024

Overview

An update has been released to address vulnerabilities in OneDev. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-45309

OneDev versions: ~ 11.0.9 (excluded)

Resolved Vulnerabilities

Vulnerability that allows unauthenticated users to read arbitrary files accessible by the OneDev server process (CVE-2024-45309)

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-45309

OneDev version: 11.0.9

Referenced Sites

[1] CVE-2024-45309 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-45309

[2] Arbitrary file reading for unauthenticated use

https://github.com/theonedev/onedev/security/advisories/GHSA-7wg5-6864-v489

[3] onedev/commit

https://github.com/theonedev/onedev/commit/4637aaac8c70d41aa789b7fce208b75c6a7b711f

OneDev Security Update Advisory (CVE-2024-45309)

WordPress Comments – wpDiscuz Plugin Security Update Advisory (CVE-2024-9488)

NVIDIA Family Security Update Advisory

Tags:

WordPress Comments – wpDiscuz Plugin Security Update Advisory (CVE-2024-9488)

NVIDIA Family Security Update Advisory