Vulnerability Details CVE-2024-23344
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted information when a process validates the permissions of multiple users (e.g. mail notifications). This issue has been patched in version 15.4.99.140 of Tuleap Community Edition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.4%
CVSS Severity
CVSS v3 Score 5.3
References
- https://github.com/Enalean/tuleap/commit/0329e21d268510bc00fed707406103edabf10e42
- https://github.com/Enalean/tuleap/security/advisories/GHSA-m3v5-2j5q-x85w
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0329e21d268510bc00fed707406103edabf10e42
- https://tuleap.net/plugins/tracker/?aid=35862
- https://github.com/Enalean/tuleap/commit/0329e21d268510bc00fed707406103edabf10e42
- https://github.com/Enalean/tuleap/security/advisories/GHSA-m3v5-2j5q-x85w
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0329e21d268510bc00fed707406103edabf10e42
- https://tuleap.net/plugins/tracker/?aid=35862
Products affected by CVE-2024-23344
-
cpe:2.3:a:enalean:tuleap:-
-
cpe:2.3:a:enalean:tuleap:11.15-1
-
cpe:2.3:a:enalean:tuleap:11.15-8
-
cpe:2.3:a:enalean:tuleap:11.16-1
-
cpe:2.3:a:enalean:tuleap:11.16-6
-
cpe:2.3:a:enalean:tuleap:11.16-7
-
cpe:2.3:a:enalean:tuleap:11.17-1
-
cpe:2.3:a:enalean:tuleap:11.17-5
-
cpe:2.3:a:enalean:tuleap:12.10
-
cpe:2.3:a:enalean:tuleap:12.11-2
-
cpe:2.3:a:enalean:tuleap:13.12-6
-
cpe:2.3:a:enalean:tuleap:13.6-5
-
cpe:2.3:a:enalean:tuleap:13.7-1
-
cpe:2.3:a:enalean:tuleap:13.7-4
-
cpe:2.3:a:enalean:tuleap:14.0
-
cpe:2.3:a:enalean:tuleap:14.0-3
-
cpe:2.3:a:enalean:tuleap:14.10
-
cpe:2.3:a:enalean:tuleap:14.10-2
-
cpe:2.3:a:enalean:tuleap:14.12-1
-
cpe:2.3:a:enalean:tuleap:14.12-6
-
cpe:2.3:a:enalean:tuleap:14.4-7
-
cpe:2.3:a:enalean:tuleap:14.5
-
cpe:2.3:a:enalean:tuleap:14.5-2
-
cpe:2.3:a:enalean:tuleap:14.7-7
-
cpe:2.3:a:enalean:tuleap:14.8
-
cpe:2.3:a:enalean:tuleap:14.8-3
-
cpe:2.3:a:enalean:tuleap:14.9-5
-
cpe:2.3:a:enalean:tuleap:15.0-1
-
cpe:2.3:a:enalean:tuleap:15.0-9
-
cpe:2.3:a:enalean:tuleap:15.1-1
-
cpe:2.3:a:enalean:tuleap:15.1-8
-
cpe:2.3:a:enalean:tuleap:15.1-9
-
cpe:2.3:a:enalean:tuleap:15.2
-
cpe:2.3:a:enalean:tuleap:15.2-1
-
cpe:2.3:a:enalean:tuleap:15.2-4
-
cpe:2.3:a:enalean:tuleap:15.2-5
-
cpe:2.3:a:enalean:tuleap:15.2.99.103
-
cpe:2.3:a:enalean:tuleap:15.2.99.49
-
cpe:2.3:a:enalean:tuleap:15.3-1
-
cpe:2.3:a:enalean:tuleap:15.3-6