ByteOS Network

NVD Vulnerability Details :

CVE-2025-22129

Analyzed

Source-security-advisories@github.com

Published At-03 Feb, 2025 | 22:15

Updated At-22 Aug, 2025 | 16:19

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to restricted information. This issue has been addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CPE Matches

Enalean SAS

>>tuleap>>Versions before 16.2-5(exclusive)

cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*

Enalean SAS

>>tuleap>>Versions before 16.3.99.1736242932(exclusive)

cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*

Enalean SAS

>>tuleap>>Versions from 16.3(inclusive) to 16.3-2(exclusive)

cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-280	Secondary	security-advisories@github.com

References

Hyperlink	Source	Resource
https://github.com/Enalean/tuleap/security/advisories/GHSA-f34g-wc2m-mf76	security-advisories@github.com	Third Party Advisory Patch
https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=3edf8158ba40be66f0b661888b8b2805784795d1	security-advisories@github.com	Permissions Required
https://tuleap.net/plugins/tracker/?aid=41434	security-advisories@github.com	Vendor Advisory Exploit Issue Tracking Patch
https://tuleap.net/plugins/tracker/?aid=41434	134c704f-9b21-4f2e-91b3-4a467353bcc0	Vendor Advisory Exploit Issue Tracking Patch

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History