CVE-2023-35938

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-35938
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35938.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-35938
Related
  • GHSA-rq42-cv6q-3m9q
Published
2023-06-29T20:15:09Z
Modified
2025-01-15T04:55:29.894170Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to Private without restricted, restricted users that are project administrators keep this access right. Restricted users that were project administrators before the visibility switch keep the possibility to access the project and do some administration actions. This issue has been resolved in Tuleap version 14.9.99.63. Users are advised to upgrade. There are no known workarounds for this issue.

References

Affected packages

Git / github.com/enalean/tuleap

Affected ranges

Type
GIT
Repo
https://github.com/enalean/tuleap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

10.*

10.0
10.1
10.10
10.11
10.2
10.3
10.4
10.5
10.6
10.7
10.8
10.9

11.*

11.0
11.1
11.10
11.11
11.12
11.13
11.14
11.15
11.16
11.17
11.18
11.2
11.3
11.4
11.5
11.6
11.7
11.8
11.9

12.*

12.0
12.1
12.10
12.11
12.12
12.2
12.3
12.4
12.5
12.6
12.7
12.8
12.9

13.*

13.0
13.1
13.10
13.11
13.12
13.2
13.3
13.4
13.5
13.6
13.7
13.8
13.9

14.*

14.0
14.1
14.2
14.3
14.4
14.5
14.6
14.7
14.8
14.9

Other

1839_conditions_on_dates_in_5_7_1

4.*

4.0.18
4.0.20
4.0.28

5.*

5.0.1
5.0.2
5.0.3
5.0.4
5.1.0
5.11
5.12
5.2
5.3
5.3.1
5.4
5.5
5.5.1
5.5.2
5.5.3
5.5.4
5.6
5.6.1
5.6.2
5.7
5.8
5.9
5.9.1

6.*

6.0
6.1
6.10
6.11
6.12
6.2
6.3
6.4
6.5
6.6
6.7
6.8
6.9

7.*

7.0
7.1
7.10
7.11
7.2
7.3
7.4
7.5
7.6
7.7
7.8
7.9

8.*

8.0
8.1
8.10
8.11
8.12
8.13
8.14
8.15
8.16
8.17
8.18
8.19
8.2
8.3
8.4
8.5
8.6
8.7
8.8
8.9

9.*

9.0
9.1
9.10
9.11
9.12
9.13
9.14
9.15
9.16
9.17
9.18
9.19
9.2
9.3
9.4
9.5
9.6
9.7
9.8
9.9

@tuleap/project-sidebar_1.*

@tuleap/project-sidebar_1.0.0
@tuleap/project-sidebar_1.0.1
@tuleap/project-sidebar_1.0.2
@tuleap/project-sidebar_1.1.0

@tuleap/project-sidebar_2.*

@tuleap/project-sidebar_2.1.0
@tuleap/project-sidebar_2.2.0