CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31058 – SQL injection via the field name of a tracker in Tuleap
https://notcve.org/view.php?id=CVE-2022-31058
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95 Tuleap does not sanitize properly user inputs when constructing the SQL query to retrieve data for the tracker reports. An attacker with the capability to create a new tracker can execute arbitrary SQL queries. Users are advised to upgrade. There is no known workaround for this issue. • https://github.com/Enalean/tuleap/commit/b91bcd57c8344ec2a4c1833629e400cef4dd901a https://github.com/Enalean/tuleap/security/advisories/GHSA-4v2p-rwq9-3vjf https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=b91bcd57c8344ec2a4c1833629e400cef4dd901a https://tuleap.net/plugins/tracker/?aid=27172 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31063 – Cross site scripting via the title of a document in Tuleap
https://notcve.org/view.php?id=CVE-2022-31063
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the title of a document is not properly escaped in the search result of MyDocmanSearch widget and in the administration page of the locked documents. A malicious user with the capability to create a document could force victim to execute uncontrolled code. Users are advised to upgrade. There are no known workarounds for this issue. • https://github.com/Enalean/tuleap/commit/c947975a4f1ff7bbfd7d5cd24a2e16bf12bd96d4 https://github.com/Enalean/tuleap/security/advisories/GHSA-4fx8-4ff3-96jf https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=c947975a4f1ff7bbfd7d5cd24a2e16bf12bd96d4 https://tuleap.net/plugins/tracker/?aid=27173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-31032 – Resources of private projects can be exposed in Tuleap
https://notcve.org/view.php?id=CVE-2022-31032
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.58 authorizations are not properly verified when creating projects or trackers from projects marked as templates. Users can get access to information in those template projects because the permissions model is not properly enforced. Users are advised to upgrade. There are no known workarounds for this issue. • https://docs.tuleap.org/administration-guide/users-management/security/site-access.html https://github.com/Enalean/tuleap/commit/7e221a9d1893c13407b35008762757a76d8e5654 https://github.com/Enalean/tuleap/commit/cc38bcc59ce0c733ca915d95daec5f3082fb17ca https://github.com/Enalean/tuleap/security/advisories/GHSA-hvx6-4228-whj3 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=7e221a9d1893c13407b35008762757a76d8e5654 https://tuleap.net/plugins/tracker/?aid=26816 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-24896 – Tracker report renderer and chart widgets leak information in Tuleap
https://notcve.org/view.php?id=CVE-2022-24896
Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports. Tuleap es una suite libre y de código abierto para administrar el desarrollo de software y la colaboración. En versiones anteriores a 13.7.99.239, Tuleap no verifica apropiadamente las autorizaciones cuando muestra el contenido del renderizador de informes de seguimiento y los widgets de gráficos. • https://github.com/Enalean/tuleap/commit/8e99e7c82d9fe569799019b9e1d614d38a184313 https://github.com/Enalean/tuleap/security/advisories/GHSA-x962-x43g-qw39 https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=8e99e7c82d9fe569799019b9e1d614d38a184313 https://tuleap.net/plugins/tracker/?aid=26729 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-43806 – SQL injection in Tuleap
https://notcve.org/view.php?id=CVE-2021-43806
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly user settings when constructing the SQL query to browse and search commits in the CVS repositories. A authenticated malicious user with read access to a CVS repository could execute arbitrary SQL queries. Tuleap instances without an active CVS repositories are not impacted. The following versions contain the fix: Tuleap Community Edition 13.2.99.155, Tuleap Enterprise Edition 13.1-7, and Tuleap Enterprise Edition 13.2-6. • https://github.com/Enalean/tuleap/commit/b82be896b00a787ed46a77bd4700e8fccfe2e5ba https://github.com/Enalean/tuleap/security/advisories/GHSA-x8fr-8gvw-cc4v https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=b82be896b00a787ed46a77bd4700e8fccfe2e5ba https://tuleap.net/plugins/tracker/?aid=24202 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •