CVE-2024-39902

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-39902
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-39902.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-39902
Related
  • GHSA-5jq5-vxmq-xrj7
Published
2024-07-22T14:15:06Z
Modified
2025-01-08T16:15:47.588552Z
Summary
[none]
Details

Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8.

References

Affected packages

Git / github.com/enalean/tuleap

Affected ranges

Type
GIT
Repo
https://github.com/enalean/tuleap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

10.*

10.0
10.1
10.10
10.11
10.2
10.3
10.4
10.5
10.6
10.7
10.8
10.9

11.*

11.0
11.1
11.10
11.11
11.12
11.13
11.14
11.15
11.16
11.17
11.18
11.2
11.3
11.4
11.5
11.6
11.7
11.8
11.9

12.*

12.0
12.1
12.10
12.11
12.12
12.2
12.3
12.4
12.5
12.6
12.7
12.8
12.9

13.*

13.0
13.1
13.10
13.11
13.12
13.2
13.3
13.4
13.5
13.6
13.7
13.8
13.9

14.*

14.0
14.1
14.10
14.11
14.12
14.2
14.3
14.4
14.5
14.6
14.7
14.8
14.9

15.*

15.0
15.1
15.10
15.2
15.3
15.4
15.5
15.6
15.7
15.8
15.9

Other

1839_conditions_on_dates_in_5_7_1

4.*

4.0.18
4.0.20
4.0.28

5.*

5.0.1
5.0.2
5.0.3
5.0.4
5.1.0
5.11
5.12
5.2
5.3
5.3.1
5.4
5.5
5.5.1
5.5.2
5.5.3
5.5.4
5.6
5.6.1
5.6.2
5.7
5.8
5.9
5.9.1

6.*

6.0
6.1
6.10
6.11
6.12
6.2
6.3
6.4
6.5
6.6
6.7
6.8
6.9

7.*

7.0
7.1
7.10
7.11
7.2
7.3
7.4
7.5
7.6
7.7
7.8
7.9

8.*

8.0
8.1
8.10
8.11
8.12
8.13
8.14
8.15
8.16
8.17
8.18
8.19
8.2
8.3
8.4
8.5
8.6
8.7
8.8
8.9

9.*

9.0
9.1
9.10
9.11
9.12
9.13
9.14
9.15
9.16
9.17
9.18
9.19
9.2
9.3
9.4
9.5
9.6
9.7
9.8
9.9

@tuleap/project-sidebar_1.*

@tuleap/project-sidebar_1.0.0
@tuleap/project-sidebar_1.0.1
@tuleap/project-sidebar_1.0.2
@tuleap/project-sidebar_1.1.0

@tuleap/project-sidebar_2.*

@tuleap/project-sidebar_2.1.0
@tuleap/project-sidebar_2.2.0
@tuleap/project-sidebar_2.2.1
@tuleap/project-sidebar_2.2.3
@tuleap/project-sidebar_2.2.4
@tuleap/project-sidebar_2.3.0
@tuleap/project-sidebar_2.4.0
@tuleap/project-sidebar_2.5.0
@tuleap/project-sidebar_2.6.0
@tuleap/project-sidebar_2.6.1