Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6, users might receive email notification with information they should not have access to. Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15.12-6 fix this issue.
References
Link | Resource |
---|---|
https://github.com/Enalean/tuleap/security/advisories/GHSA-g76g-hc92-96xw | Third Party Advisory |
https://tuleap.net/plugins/tracker/?aid=39686 | Exploit Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Oct 2024, 14:07
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.7 |
First Time |
Enalean
Enalean tuleap |
|
CPE | cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:* cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:* |
|
References | () https://github.com/Enalean/tuleap/security/advisories/GHSA-g76g-hc92-96xw - Third Party Advisory | |
References | () https://tuleap.net/plugins/tracker/?aid=39686 - Exploit, Issue Tracking, Third Party Advisory | |
CWE | CWE-755 |
15 Oct 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
14 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-14 18:15
Updated : 2024-10-16 14:07
NVD link : CVE-2024-46988
Mitre link : CVE-2024-46988
CVE.ORG link : CVE-2024-46988
JSON object : View
Products Affected
enalean
- tuleap