Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-06
Updated
2022-12-08
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated.
Max CVSS
7.5
EPSS Score
0.08%
Published
2021-08-05
Updated
2021-08-12
Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process.
Max CVSS
7.5
EPSS Score
0.19%
Published
2021-04-28
Updated
2021-06-01
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.
Max CVSS
9.8
EPSS Score
0.14%
Published
2021-04-06
Updated
2021-06-02
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.
Max CVSS
7.5
EPSS Score
0.18%
Published
2021-04-06
Updated
2022-06-28
Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands (through the Mercurial adapter) via vectors involving a branch whose name begins with a --config= or --debugger= substring, a related issue to CVE-2017-17536.
Max CVSS
8.8
EPSS Score
0.73%
Published
2018-01-10
Updated
2019-10-03
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information.
Max CVSS
7.5
EPSS Score
0.35%
Published
2017-10-18
Updated
2019-03-14
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information.
Max CVSS
7.5
EPSS Score
0.35%
Published
2017-10-18
Updated
2019-03-14
In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote attackers to obtain sensitive differences information or possibly have unspecified other impact.
Max CVSS
7.5
EPSS Score
0.40%
Published
2017-10-18
Updated
2019-10-03
In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by reading a Referer log, because account/lost_password does not use a redirect.
Max CVSS
7.5
EPSS Score
0.35%
Published
2017-10-18
Updated
2019-03-14
Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller.rb in Redmine before 2.6.7, 3.0.x before 3.0.5, and 3.1.x before 3.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted back_url parameter, as demonstrated by "@attacker.com," a different vulnerability than CVE-2014-1985.
Max CVSS
7.4
EPSS Score
0.45%
Published
2016-04-12
Updated
2016-04-20
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exists function.
Max CVSS
7.5
EPSS Score
0.99%
Published
2014-12-28
Updated
2014-12-29

CVE-2011-4929

Public exploit
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.
Max CVSS
7.5
EPSS Score
95.94%
Published
2012-10-08
Updated
2012-10-09
13 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!