Описание
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix: Tuleap Community Edition 11.17.99.146, Tuleap Enterprise Edition 11.17-5, Tuleap Enterprise Edition 11.16-7.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.17.99.146 (исключая)Версия от 11.16-1 (включая) до 11.16-7 (исключая)Версия от 11.17-1 (включая) до 11.17-5 (исключая)
Одно из
cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*
cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 75%
0.00855
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89
EPSS
Процентиль: 75%
0.00855
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
CWE-89