Описание
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Community Edition 11.17.99.144, Tuleap Enterprise Edition 11.17-5, Tuleap Enterprise Edition 11.16-7.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.17.99.144 (исключая)Версия от 11.16-1 (включая) до 11.16-7 (исключая)Версия от 11.17-1 (включая) до 11.17-5 (исключая)
Одно из
cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*
cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 74%
0.00855
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
EPSS
Процентиль: 74%
0.00855
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89