Lucene search

PRIOn knowledge basePRION:CVE-2024-23344

HistoryFeb 06, 2024 - 4:15 p.m.

Authentication flaw

2024-02-0616:15:00

PRIOn knowledge base

www.prio-n.com

tuleap

authentication

flaw

patch

version 15.4.99.140

nvd

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.7%

JSON

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4.99.140 of Tuleap Community Edition.

CPENameOperatorVersion
tuleapge15.2.99.49
tuleaplt15.4.99.140
tuleaplt15.3.5

Name	Operator	Version
tuleap	ge	15.2.99.49
tuleap	lt	15.4.99.140
tuleap	lt	15.3.5

References

github.com/Enalean/tuleap/commit/0329e21d268510bc00fed707406103edabf10e42

github.com/Enalean/tuleap/security/advisories/GHSA-m3v5-2j5q-x85w

tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0329e21d268510bc00fed707406103edabf10e42

tuleap.net/plugins/tracker/?aid=35862