CVE-2025-22129

MEDIUM Year: 2025
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-280
View all →

Vulnerability Description

Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to restricted information. This issue has been addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Related Vulnerabilities

CVE-2020-8117

MEDIUM
CVSS:4.3(Medium)

Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.

CWE-2802020

CVE-2022-30723

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC a...

CWE-2802022

CVE-2022-30724

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address o...

CWE-2802022

CVE-2022-30725

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of th...

CWE-2802022

CVE-2023-2020

MEDIUM
CVSS:4.3(Medium)

Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.

CWE-2802023

CVE-2024-0560

MEDIUM
CVSS:4.3(Medium)

A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. When the auth_type is use_3scale_oidc_issuer_endpoint, the Token Introspection policy discovers the Toke...

CWE-2802024