CNNVD-202509-2927 Information
CNNVD ID
CNNVD-202509-2927
Related CVE
- CNNVD Published: 2025-09-18
Description (Chinese)
Enalean Tuleap Community Edition和Enalean Tuleap Enterprise Edition都是Enalean开源的一个开源套件,旨在改善软件开发和协作的管理。 Tuleap Community Edition 16.11.99.1757427600版本和Tuleap Enterprise Edition 16.11-6版本和16.10-8版本存在安全漏洞,该漏洞源于未验证子跟踪器的权限,可能导致用户访问不应查看的跟踪器名称。
Description (English)
Enalean Tuleap Community Edition and Enalean Tuleap Enterprise Edition are open-source packages from the Enalean Open Source to improve software development and collaborative management. There is a security loophole in the Tuleap Commission 16.11.9.1757427600 and in the Tuleap Enterprise 16.11-6 and 16.10-8 versions, which stems from the unverified sub-tracker ’ s permission and may lead to the user ’ s access to the unobserved tracker name.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Enalean
Published
2025-09-18
Last Modified
2026-02-24
References
https://github.com/Enalean/tuleap/commit/92e4aa2d830a624a9183206c1c3558b90b8a5525 https://github.com/Enalean/tuleap/security/advisories/GHSA-67xc-39v9-pffg https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=92e4aa2d830a624a9183206c1c3558b90b8a5525 https://tuleap.net/plugins/tracker/?aid=44489
Patch
https://github.com/Enalean/tuleap/tags
Share on: