CNNVD-202512-859 Information
CNNVD ID
CNNVD-202512-859
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
Enalean Tuleap是法国Enalean公司的一个自由的开源工具。用于应用程序和系统开发的端到端可追溯性。 Enalean Tuleap存在安全漏洞,该漏洞源于访问控制不当,可能导致未授权访问文件发布系统信息。
Description (English)
Enalean Tuleap is a free and open-source tool for the French company Enalean. End-to-end traceability for applications and system development. There is a security loophole in Enalean Tuleap, which stems from inadequate access controls and may lead to unauthorized access to information from the Document Dissemination System.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Enalean
Published
2025-12-08
Last Modified
2026-02-24
References
https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254 https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v https://tuleap.net/plugins/tracker/?aid=45583 https://access.redhat.com/security/cve/cve-2025-64497
Patch
https://github.com/Enalean/tuleap/tags
Share on: