Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enalean tuleap vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-31128
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using the fine grained permissions. Users can c...
Enalean Tuleap
4.8
CVSSv3
CVE-2023-39521
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, content displayed in the "card fields" (visible...
Enalean Tuleap
7.2
CVSSv3
CVE-2021-43782
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to GHSA-887w-pv2r-x8pm/CVE-2021-41276, the initial fix was incomplete. Tuleap does not sanitize properly the search filter built from the ldap_id attribu...
Enalean Tuleap
8.8
CVSSv3
CVE-2021-43806
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated ma...
Enalean Tuleap
4.3
CVSSv3
CVE-2022-31032
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions before 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to informat...
Enalean Tuleap
9.8
CVSSv3
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
6.5
CVSSv3
CVE-2024-23344
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4...
Enalean Tuleap
4.3
CVSSv3
CVE-2022-23473
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edi...
Enalean Tuleap
4.3
CVSSv3
CVE-2022-46160
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions before 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a pro...
Enalean Tuleap
7.2
CVSSv3
CVE-2023-35938
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to `Private without restricted`, restricted users that are project administrators keep this access rig...
Enalean Tuleap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »