12 matches found
EUVD-2025-30204
Malicious code in bioql PyPI...
EUVD-2025-6011
Malicious code in bioql PyPI...
CVE-2025-59040
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition...
CVE-2025-59040 Tuleap backlog item representations do not verify the permissions of the child trackers
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition...
CVE-2025-59040
CVE-2025-59040 concerns Tuleap. Backlog item representations do not verify the permissions of child trackers, potentially allowing users to see tracker names they should not access due to unverified sub-tracker privileges. Affected products: Tuleap Community Edition and Tuleap Enterprise Edition....
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition security vulnerability
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are both open source suites from Enalean Open Source designed to improve the management of software development and collaboration. A security vulnerability exists in Tuleap Community Edition version 16.11.99.1757427600 and...
PT-2025-38408
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.11.99.1757427600; Tuleap Enterprise Edition versions prior to 16.11-6; Tuleap Enterprise Edition version 16.10-8. Description: Backlog item representations do not verify the permissions of child...
CVE-2025-27099 Tuleap allows XSS via the tracker names used in the semantic timeframe deletion message
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS) via the tracker names used in the semantic timeframe deletion message. A tracker administrator with a semantic timeframe used by other trackers could use this...
CVE-2024-47767
Tuleap CVE-2024-47767 affects Tuleap: before fixes, users could view tracker names they should not have access to via the backlog quick-add actions. The issue is caused by missing permissions checks in the quick-add/backlog flow. Impact is exposure of restricted tracker names (information disclos...
Enalean Tuleap security vulnerability
Enalean Tuleap is a free and open source tool from the French company Enalean. It is used for end-to-end traceability of application and system development. A security vulnerability exists in Enalean Tuleap. An attacker exploiting the vulnerability could view tracker names that they should not ha...
Tuleap security vulnerability
Tuleap is an open source application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. A security vulnerability exists in versions prior to Tuleap 13.7.99.239 that stems from Tuleap failing to...