Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL injection in the "SVN core" commits browser
Vulnerability Description
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Community Edition 11.17.99.144, Tuleap Enterprise Edition 11.17-5, Tuleap Enterprise Edition 11.16-7.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Enalean Tuleap Open Alm SQL注入漏洞
Vulnerability Description
Enalean Tuleap Open Alm是法国Enalean公司的一个自由的开源工具。用于应用程序和系统开发的端到端可追溯性。 Tuleap Open Alm 中存在SQL注入漏洞,在受影响的版本中,对SVN 核心存储库具有读取访问权限的攻击者可以执行任意 SQL 查询。以下版本包含此修复程序:Tuleap Community Edition 11.17.99.144、Tuleap Enterprise Edition 11.17-5、Tuleap Enterprise Edition 11.16-
CVSS Information
N/A
Vulnerability Type
N/A