Tuleap@* Security Vulnerabilities and Issues — Tuleap@* CVE List

Lucene search

EnaleanTuleap*

8 matches found

CVE•added 2022/08/01 5:15 p.m.•624 views

CVE-2022-31128

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using the fine grained permissions. Users can create branches via the ...

5.4CVSS5.4AI score0.00151EPSS

CVE•added 2022/06/29 6:15 p.m.•61 views

CVE-2022-31058

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create a ...

7.2CVSS7.3AI score0.01344EPSS

CVE•added 2022/06/29 6:15 p.m.•56 views

CVE-2022-31063

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious u...

6.5CVSS5.7AI score0.00506EPSS

CVE•added 2022/06/29 6:15 p.m.•55 views

CVE-2022-31032

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to information in those template...

4.3CVSS4.5AI score0.00348EPSS

CVE•added 2022/06/09 6:15 a.m.•52 views

CVE-2022-24896

Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve ...

4.3CVSS4.5AI score0.00157EPSS

CVE•added 2022/12/13 7:15 a.m.•48 views

CVE-2022-23473

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148, Authorizations are not properly verified when accessing MediaWiki standalone resources. Users with read only permissions for pages are able to also edit them. This only...

4.3CVSS4.4AI score0.00064EPSS

CVE•added 2022/10/19 11:15 a.m.•46 views

CVE-2022-39233

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above, prior to 14.0.99.24, authorizations are not properly verified when updating the branch prefix used by the GitLab repository integration. Authenticated users can ...

5.4CVSS4.6AI score0.00197EPSS

CVE•added 2022/12/13 7:15 a.m.•43 views

CVE-2022-46160

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104, project level authorizations are not properly verified when accessing the project "homepage"/dashboards. Users not authorized to access a project may still be able to g...

4.3CVSS4.4AI score0.00117EPSS