CVE-2025-64497

Medium CVSS: 6.5

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.

Vendor

Enalean

Product

Tuleap

CWE

CWE-639

Yayın Tarihi

2025-12-08 23:15:47

Güncelleme

2025-12-10 21:10:18

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-639 Tuleap MEDIUM Enalean 2025

Referanslar

https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254 https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254 https://tuleap.net/plugins/tracker/?aid=45583

Benzer Kayıtlar

Medium

CVE-2026-24007

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protecti…

Medium

CVE-2025-65962

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-64498

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versio…

Medium

CVE-2025-64499

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon…

Medium

CVE-2025-64760

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Comm…

Medium

CVE-2025-54877

Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Com…