216.73.217.19

CVE-2025-64497

· Published 08/12/2025 23:15 · Modified 10/12/2025 21:10

Labels: CVE-2025-64497 2025-12-08CVE-2025-64497CWE-639[email protected]

Essential information

Published
08/12/2025 23:15
Modified
10/12/2025 21:10
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
enalean / tuleap cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
enalean / tuleap cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*
enalean / tuleap cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*
enalean / tuleap cpe:2.3:a:enalean:tuleap:*:*:*:*:enterprise:*:*:*

References