cbcvebase.
CVE-2025-22129
published 2025-02-03

CVE-2025-22129: Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to…

PriorityP420medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
EPSS
0.31%
22.3th percentile
Tuleap is an Open Source Suite to improve management of software developments and collaboration. In affected versions an unauthorized user might get access to restricted information. This issue has been addressed in Tuleap Community Edition 16.3.99.1736242932, Tuleap Enterprise Edition 16.2-5, and Tuleap Enterprise Edition 16.3-2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected

3 ranges
VendorProductVersion rangeFixed in
enaleantuleap< 16.2-516.2-5
enaleantuleap< 16.3.99.173624293216.3.99.1736242932
enaleantuleap>= 16.3 < 16.3-216.3-2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.