Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the…
GitHub_M·CWE-280·Published 2025-02-03
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the widget is used in the dashboard of a public project) might get access to artifacts they should not see. This issue has been addressed in Tuleap Community Edition 16.3.99.1737562605 as well as Tuleap Enterprise Edition 16.3-5 and Tuleap Enterprise Edition 16.2-7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the widget is used in the dashboard of a public project) might get access to artifacts they should not see. This issue has been addressed in Tuleap Community Edition 16.3.99.1737562605 as well as Tuleap Enterprise Edition 16.3-5 and Tuleap Enterprise Edition 16.2-7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Tuleap es una suite de código abierto que mejora la gestión de los desarrollos de software y la colaboración. Los usuarios (posiblemente anónimos si el widget se utiliza en el panel de control de un proyecto público) podrían obtener acceso a artefactos que no deberían ver. Este problema se ha solucionado en Tuleap Community Edition 16.3.99.1737562605, así como en Tuleap Enterprise Edition 16.3-5 y Tuleap Enterprise Edition 16.2-7. Se recomienda a los usuarios que actualicen la versión. No se conocen workarounds para esta vulnerabilidad.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 5.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 3.1 | Primary | cve.org | 5.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 3.1 | Secondary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |