Description

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the widget is used in the dashboard of a public project) might get access to artifacts they should not see. This issue has been addressed in Tuleap Community Edition 16.3.99.1737562605 as well as Tuleap Enterprise Edition 16.3-5 and Tuleap Enterprise Edition 16.2-7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

INFO

Published Date :

2025-02-03T21:26:38.815Z

Last Modified :

2025-02-04T18:47:14.573Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-24029 vulnerability.

Vendors Products
Enalean
  • Tuleap
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-24029.

URL Resource
https://github.com/Enalean/tuleap/security/advisories/GHSA-hq46-63pc-xfv9 cve-icon cve-icon
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=269cbaa73bac6d1c50674c48c9987263f2b38804 cve-icon cve-icon
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=a97480f951351c0f8f2f3f27f7daa3f7f9c37c75 cve-icon cve-icon
https://tuleap.net/plugins/tracker/?aid=41476 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact