Lucene search
K

664 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-43300

An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization...

7.5CVSS6.1AI score0.00246EPSS
Exploits0References2
NVD
NVD
added yesterday8 views

CVE-2026-14165

An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization...

7.5CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-14165

Technical details are not publicly available in the provided documents. Monitor for updates on affected versions, root cause, and remediation.

7.5CVSS6.1AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday26 views

CVE-2026-14165 Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5

An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization...

7.5CVSS0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/03 9:19 p.m.5 views

CVE-2026-24007

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items creating artifact links from the release. This...

4.6CVSS5.5AI score0.00139EPSS
Exploits0References1
NVD
NVD
added 2026/02/02 11:16 p.m.9 views

CVE-2026-24007

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items creating artifact links from the release. This...

4.6CVSS0.00139EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/02 7:52 p.m.3 views

CVE-2026-24007 Tuleap is missing CSRF protection in the Overview inconsistent items

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items creating artifact links from the release. This...

4.6CVSS5.5AI score0.00139EPSS
Exploits0References4
CVE
CVE
added 2026/02/02 7:52 p.m.26 views

CVE-2026-24007

CVE-2026-24007 affects Tuleap (Open Source Software for software development and collaboration). The vulnerability is a missing CSRF protection in the Overview inconsistent items feature, allowing an authenticated attacker to trick victims into repairing inconsistent items (creating artifact link...

4.6CVSS5.5AI score0.00139EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/02/02 7:52 p.m.33 views

CVE-2026-24007 Tuleap is missing CSRF protection in the Overview inconsistent items

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items creating artifact links from the release. This...

4.6CVSS0.00139EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

Tuleap 跨站请求伪造漏洞

Tuleap is an open-source suite developed by Enalean, aimed at improving the management of software development and collaboration. Tuleap has a cross-site request forgeing vulnerability, which stems from the lack of CSRF protection in the Overview section. This vulnerability could potentially tric...

4.6CVSS5.7AI score0.00139EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.10 views

CVE-2023-40343

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token...

5.9CVSS6.9AI score0.00494EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.7 views

CVE-2021-41276

Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldapid attribute of a user during the daily synchronization. A malicious user could force accounts to ...

7.2CVSS6.2AI score0.0148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.11 views

CVE-2021-41142

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site scripting vulnerability in Tuleap Community Edition prior to 12.11.99.25 and Tuleap Enterprise Edition 12.11-2. A malicious user with the capability to add and...

5.4CVSS6.3AI score0.00702EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.7 views

CVE-2022-23473

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edit them. This on...

4.3CVSS6.7AI score0.00454EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.7 views

CVE-2022-31063

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious...

6.5CVSS7AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.10 views

CVE-2022-31128

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using the fine grained permissions. Users can create branches via th...

5.4CVSS6.8AI score0.00514EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.3 views

CVE-2021-41155

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix:...

8.8CVSS7.4AI score0.01478EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.5 views

CVE-2021-41147

Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard service can execute...

7.2CVSS7.8AI score0.01801EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/09 11:32 p.m.5 views

CVE-2025-65962

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763803709 and Tuleap Enterprise Edition versions prior to 17.0-4 and 16.13-9 are mission CSRF protections in its tracker field dependencies,...

4.6CVSS6.6AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 11:32 p.m.6 views

CVE-2025-64499

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API...

5.4CVSS6.7AI score0.0012EPSS
Exploits0References1
Rows per page
Query Builder