PT-2024-32322 · Unknown · Tuleap Community Edition+1
Manuel Vacelet
+1
·
Published
2024-10-14
·
Updated
2024-10-16
·
CVE-2024-46988
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tuleap Community Edition versions prior to 15.13.99.40
Tuleap Enterprise Edition versions prior to 15.13-3
Tuleap Enterprise Edition versions prior to 15.12-6
Description
Tuleap is a tool for end to end traceability of application and system developments. Users might receive email notifications with information they should not have access to.
Recommendations
For Tuleap Community Edition versions prior to 15.13.99.40, update to version 15.13.99.40 or later.
For Tuleap Enterprise Edition versions prior to 15.13-3, update to version 15.13-3 or later.
For Tuleap Enterprise Edition versions prior to 15.12-6, update to version 15.12-6 or later.
Exploit
Fix
Improper Handling of Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tuleap Community Edition
Tuleap Enterprise Edition