threat
engine
.sh
Back
·
··:··
Home
/
Product
/
enalean tuleap
Product
enalean tuleap
68 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-24007
< 17.0.99.1768924735
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the
4.6
MEDIUM
CVE-2025-65962
< 17.0.99.1763803709
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edit
4.6
MEDIUM
CVE-2025-64760
< 17.0.99.1763126988
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edit
4.6
MEDIUM
CVE-2025-64499
< 17.0.99.1762456922
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions
4.6
MEDIUM
CVE-2025-64498
< 17.0.99.1762444754
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 1
4.6
MEDIUM
CVE-2025-64497
< 17.0.99.1762431347
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tul
6.5
MEDIUM
CVE-2025-54877
< 16.10.99.1754050155
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edi
5.3
MEDIUM
CVE-2025-53902
< 16.9.99.1752585665
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edi
4.3
MEDIUM
CVE-2025-53541
< 16.9.99.1751892857
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edi
5.4
MEDIUM
CVE-2025-52899
< 16.9.99.1750843170
Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edi
5.3
MEDIUM
CVE-2025-50179
< 16.8.99.1749830289
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-sit
4.6
MEDIUM
CVE-2025-48991
< 16.8.99.1748845907
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerabi
4.6
MEDIUM
CVE-2025-30209
< 16.5.99.1742812323
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker can access release no
5.3
MEDIUM
CVE-2025-30203
< 16.5.99.1742562878
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scriptin
4.8
MEDIUM
CVE-2025-30155
< 16.5.99.1742392651
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not enforce read perm
4.3
MEDIUM
CVE-2025-29929
< 16.5.99.1742306712
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection
4.6
MEDIUM
CVE-2025-29766
< 16.5.99.1741784483
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap has missing CSRF protectio
4.6
MEDIUM
CVE-2025-27402
< 16.4.99.1740414959
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection
4.6
MEDIUM
CVE-2025-27401
< 16.4.99.1740498975
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In a standard usages of Tuleap, t
4.6
MEDIUM
CVE-2025-27156
< 16.4.99.1740567344
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not
4.1
MEDIUM
CVE-2025-27150
< 16.4.99.1740492866
Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis
5.3
MEDIUM
CVE-2025-27099
< 16.4.99.1740067916
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scriptin
4.8
MEDIUM
CVE-2025-27094
< 16.4.99.1739877910
Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access
5.4
MEDIUM
CVE-2025-24029
< 16.3.99.1737562605
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if
5.3
MEDIUM
CVE-2025-22129
< 16.3.99.1736242932
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthori
4.3
MEDIUM
CVE-2024-52599
< 16.1.99.50
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior
5.4
MEDIUM
CVE-2024-47767
< 15.13.99.113
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.11
4.3
MEDIUM
CVE-2024-47766
< 15.13.99.110
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.11
4.9
MEDIUM
CVE-2024-46988
< 15.13.99.40
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40
4.8
MEDIUM
CVE-2024-46980
< 15.13.99.37
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37
4.8
MEDIUM
CVE-2024-39902
< 15.10.99.128
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition
4.8
MEDIUM
CVE-2024-37167
< 15.9.99.97
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog ite
4.3
MEDIUM
CVE-2024-30246
>= 14.11.99.34 and < 15.7.99.6
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit th
7.6
HIGH
CVE-2024-25130
< 15.5.99.76
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.5.99.76 of Tu
5.4
MEDIUM
CVE-2024-23344
>= 15.2.99.49 and < 15.4.99.140
Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to re
5.3
MEDIUM
CVE-2023-48715
< 15.2.99.103
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of T
5.4
MEDIUM
CVE-2023-39521
< 14.11.99.82
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior
4.8
MEDIUM
CVE-2023-38508
< 14.11.99.28
Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior
6.5
MEDIUM
CVE-2023-35929
< 14.10.99.4
Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.
5.4
MEDIUM
CVE-2023-35938
< 14.9.99.63
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a proje
4.1
MEDIUM
CVE-2023-32072
< 14.8.99.60
Tuleap is an open source tool for end to end traceability of application and system developments. Tuleap Community Edition prior t
4.8
MEDIUM
CVE-2023-30619
>= 14.7.99.76 and < 14.7.99.143
Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of a
5.4
MEDIUM
CVE-2023-23938
>= 13.8.99.49 and < 14.5.99.4
Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject t
5.9
MEDIUM
CVE-2022-46160
< 14.2.99.104
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104,
4.3
MEDIUM
CVE-2022-23473
< 14.2.99.148
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148,
4.3
MEDIUM
CVE-2022-39233
>= 12.9.99.228 and < 14.0.99.24
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and
4.3
MEDIUM
CVE-2022-31128
>= 13.9.9.110 and < 13.10.99.82
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap
5.4
MEDIUM
CVE-2022-31063
< 13.9.99.111
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.9
6.5
MEDIUM
CVE-2022-31058
< 13.9.99.111
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.9
7.2
HIGH
CVE-2022-31032
< 13.9.99.111
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.9
4.3
MEDIUM
CVE-2022-24896
< 13.7.99.239
Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap do
4.3
MEDIUM
CVE-2021-43806
< 13.2.99.155
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tu
8.8
HIGH
CVE-2021-43782
< 13.2.99.83
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to
6.7
MEDIUM
CVE-2021-41276
< 13.2.99.31
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tu
6.7
MEDIUM
CVE-2021-41155
< 11.17.99.146
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap
8.8
HIGH
CVE-2021-41154
< 11.17.99.144
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an att
8.8
HIGH
CVE-2021-41148
< 11.16.99.173
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to versi
8.8
HIGH
CVE-2021-41147
< 11.16.99.173
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to versi
7.2
HIGH
CVE-2021-41142
< 11.17.99.146
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cro
5.4
MEDIUM
CVE-2018-17298
< 10.5
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
9.8
CRITICAL
CVE-2018-7538
< 9.18
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows atta
9.8
CRITICAL
CVE-2018-7634
all versions
An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible
8.8
HIGH
CVE-2017-7411
<= 9.6
An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() m
8.8
HIGH
CVE-2017-7981
< 9.7
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki compon
8.8
HIGH
CVE-2014-8791
all versions
project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to c
CVE-2014-7178
<= 7.5.99.5
Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided
CVE-2014-7176
<= 7.5
SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands
CVE-2014-7177
<= 7.2
XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin