Every CVE whose affected-product data names Enalean Tuleap, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (68)
CVE-2018-7538 — CVSS 9.8 (critical): A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to…
CVE-2018-17298 — CVSS 9.8 (critical): An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
CVE-2014-7178 — CVSS 9.3 (critical): Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the…
CVE-2017-7411 — CVSS 8.8 (high): An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is…
CVE-2021-41148 — CVSS 8.8 (high): Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version…
CVE-2018-7634 — CVSS 8.8 (high): An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse…
CVE-2021-41155 — CVSS 8.8 (high): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not…
CVE-2017-7981 — CVSS 8.8 (high): Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component…
CVE-2021-41154 — CVSS 8.8 (high): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker…
CVE-2021-43806 — CVSS 8.8 (high): Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does…
CVE-2024-30246 — CVSS 7.6 (high): Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue…
CVE-2022-31058 — CVSS 7.2 (high): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.95…
CVE-2021-41147 — CVSS 7.2 (high): Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version…
CVE-2021-43782 — CVSS 6.7 (medium): Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. This is a follow up to…
CVE-2021-41276 — CVSS 6.7 (medium): Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does…
CVE-2022-31063 — CVSS 6.5 (medium): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.111 the…
CVE-2023-38508 — CVSS 6.5 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to…
CVE-2025-64497 — CVSS 6.5 (medium): Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap…
CVE-2014-7176 — CVSS 6.5 (medium): SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the…
CVE-2014-8791 — CVSS 6.0 (medium): project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct…
CVE-2023-23938 — CVSS 5.9 (medium): Tuleap is a Free & Source tool for end to end traceability of application and system developments. Affected versions are subject to a cross…
CVE-2024-52599 — CVSS 5.4 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to…
CVE-2021-41142 — CVSS 5.4 (medium): Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. There is a cross-site…
CVE-2022-31128 — CVSS 5.4 (medium): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not…
CVE-2023-30619 — CVSS 5.4 (medium): Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an…
CVE-2023-35929 — CVSS 5.4 (medium): Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of…
CVE-2023-48715 — CVSS 5.4 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 of Tuleap…
CVE-2024-25130 — CVSS 5.4 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.5.99.76 of Tuleap…
CVE-2025-27094 — CVSS 5.4 (medium): Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a…
CVE-2025-53541 — CVSS 5.4 (medium): Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition…
CVE-2025-54877 — CVSS 5.3 (medium): Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition…
CVE-2025-52899 — CVSS 5.3 (medium): Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition…
CVE-2025-24029 — CVSS 5.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users (possibly anonymous ones if the…
CVE-2025-27150 — CVSS 5.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis instance…
CVE-2024-23344 — CVSS 5.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Some users might get access to restricted…
CVE-2025-30209 — CVSS 5.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker can access release notes…
CVE-2024-47766 — CVSS 4.9 (medium): Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.110, Tuleap…
CVE-2025-30203 — CVSS 4.8 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS)…
CVE-2024-39902 — CVSS 4.8 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition…
CVE-2024-46980 — CVSS 4.8 (medium): Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap…
CVE-2024-46988 — CVSS 4.8 (medium): Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap…
CVE-2023-32072 — CVSS 4.8 (medium): Tuleap is an open source tool for end to end traceability of application and system developments. Tuleap Community Edition prior to version…
CVE-2023-39521 — CVSS 4.8 (medium): Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to…
CVE-2025-27099 — CVSS 4.8 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap allows cross-site scripting (XSS)…
CVE-2026-24007 — CVSS 4.6 (medium): Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview…
CVE-2025-65962 — CVSS 4.6 (medium): Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior…
CVE-2025-48991 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability…
CVE-2025-50179 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site request…
CVE-2025-64498 — CVSS 4.6 (medium): Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below…
CVE-2025-27401 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. In a standard usages of Tuleap, the issue…
CVE-2025-27402 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protections on…
CVE-2025-29766 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap has missing CSRF protections on…
CVE-2025-29929 — CVSS 4.6 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection on…
CVE-2025-64760 — CVSS 4.6 (medium): Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior…
CVE-2025-64499 — CVSS 4.6 (medium): Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to…
CVE-2022-31032 — CVSS 4.3 (medium): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions prior to 13.9.99.58…
CVE-2022-24896 — CVSS 4.3 (medium): Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not…
CVE-2024-37167 — CVSS 4.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog items that…
CVE-2024-47767 — CVSS 4.3 (medium): Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap…
CVE-2022-23473 — CVSS 4.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.148…
CVE-2025-22129 — CVSS 4.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user…
CVE-2025-30155 — CVSS 4.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not enforce read permissions…
CVE-2025-53902 — CVSS 4.3 (medium): Tuleap is an Open Source Suite created to facilitate management of software development and collaboration. In Tuleap Community Edition…
CVE-2022-46160 — CVSS 4.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. In versions prior to 14.2.99.104, project…
CVE-2022-39233 — CVSS 4.3 (medium): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In versions 12.9.99.228 and above…
CVE-2025-27156 — CVSS 4.1 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize…
CVE-2023-35938 — CVSS 4.1 (medium): Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project…
CVE-2014-7177 — CVSS 4.0 (medium): XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via a crafted…