CNNVD-202507-3656 Information
CNNVD ID
CNNVD-202507-3656
Related CVE
- CNNVD Published: 2025-07-29
Description (Chinese)
Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition都是Enalean开源的一个开源套件,旨在改善软件开发和协作的管理。 Enalean Tuleap Community Edition 16.9.99.1750843170之前版本和Enalean Tuleap Enterprise Edition 16.8-4和16.9-2之前版本存在安全漏洞,该漏洞源于忘记密码表单允许用户枚举。
Description (English)
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are open-source packages from the Enalean Open Source to improve software development and collaborative management. There is a security loophole in the pre-Enalean Tuleap Commission 16.9.99.1750843170 and the pre-Enalean Tuleap Enterprise 16.8-4 and 16.9-2 versions, which stems from forgetting that the password form allows the user to count.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Enalean
Published
2025-07-29
Last Modified
2026-02-24
References
https://github.com/Enalean/tuleap/commit/5c72d6d253016d38ed472eb7918f772d074ddb07 https://tuleap.net/plugins/tracker/?aid=43674 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=5c72d6d253016d38ed472eb7918f772d074ddb07 https://github.com/Enalean/tuleap/security/advisories/GHSA-xqf3-xxxf-x3c2 https://nvd.nist.gov/vuln/detail/CVE-2025-52899
Patch
https://github.com/Enalean/tuleap/tags
Share on: