CVE-2021-41155

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix:...

EUVD-2025-150397

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1762267347 and Tuleap Enterprise Edition prior to versions 17.01-, 16.13-6, and 16.12-9 don't have cross-site request forgery protections in the file...

CVE-2025-64482 Tuleap missing CSRF protections in the File Release System

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1762267347 and Tuleap Enterprise Edition prior to versions 17.01-, 16.13-6, and 16.12-9 don't have cross-site request forgery protections in the file...

EUVD-2025-150398

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1761813675 and Tuleap Enterprise Edition prior to versions 16.13-5 and 16.12-8 don't have cross-site request forgery protection in the management of...

EUVD-2025-7730

Malicious code in bioql PyPI...

EUVD-2025-23041

Malicious code in bioql PyPI...

EUVD-2025-30204

Malicious code in bioql PyPI...

CVE-2025-59040

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition...

CVE-2025-59040 Tuleap backlog item representations do not verify the permissions of the child trackers

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition...

PT-2025-38408

Name of the Vulnerable Software and Affected Versions Tuleap Community Edition versions prior to 16.11.99.1757427600 Tuleap Enterprise Edition versions prior to 16.11-6 Tuleap Enterprise Edition version 16.10-8 Description Backlog item representations do not verify the permissions of child...

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Tuleap Community Edition version 16.11.99.1757427600 and...

CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special...

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Enalean Tuleap Community Edition and Enalean Tuleap...

PT-2025-31258 · Unknown · Tuleap Enterprise Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1750843170 Tuleap Enterprise Edition versions prior to 16.8-4 and 16.9-2 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 安全漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Enalean Tuleap Community Edition prior to 16.9.99.17525856...

Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition 跨站脚本漏洞

Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both an open source suite from Enalean Open Source designed to improve the management of software development and collaboration. A cross-site scripting vulnerability exists in Enalean Tuleap Community Edition prior to...

PT-2025-31260 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1751892857 Tuleap Enterprise Edition versions prior to 16.8-5 and 16.9-3 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...

PT-2025-26842 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.8.99.1749830289 Tuleap Enterprise Edition versions prior to 16.9-1 Description: The issue is a cross-site request forgery vulnerability that could be exploited by an attacker to trick victims into...

CVE-2024-47767

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, users might see tracker names they should not have access to. Tuleap Community Edition...

CVE-2024-47766

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, administrators of a project can access the content of trackers with permissions restrictio...