8 matches found
CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special...
CVE-2025-54877
Tuleap CVE-2025-54877 affects Community Edition <16.10.99.1754050155 and Enterprise Edition <16.9-8 and
CVE-2025-54877 Tuleap's special and always there fields permissions are not verified in cross-tracker search
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition versions before 16.10.99.1754050155 and Tuleap Enterprise Edition versions before 16.9-8 and before 16.10-5, an attacker can access to the content of the special...
CVE-2025-24029 Artifact permissions are not verified in the Cross Tracker Search widget in Tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users possibly anonymous ones if the widget is used in the dashboard of a public project might get access to artifacts they should not see. This issue has been addressed in Tuleap Community Edition...
CVE-2025-24029 Artifact permissions are not verified in the Cross Tracker Search widget in Tuleap
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users possibly anonymous ones if the widget is used in the dashboard of a public project might get access to artifacts they should not see. This issue has been addressed in Tuleap Community Edition...
CVE-2024-47766
CVE-2024-47766 affects Tuleap: prior to versions Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, project administrators could access tracker content via the cross tracker search widget despite permission restrictions. The issue is f...
CVE-2024-47766 Permissions are incorrectly verified for project administrators in the cross tracker search widget
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, administrators of a project can access the content of trackers with permissions restrictio...
CVE-2024-47766 Permissions are incorrectly verified for project administrators in the cross tracker search widget
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, administrators of a project can access the content of trackers with permissions restrictio...