CVE-2022-31128 Tuleap is a free and open source suite for managing software development and collaboration.

CVE-2022-31128 Tuleap is a free and open source suite for managing software development and collaboration.

If you have updated to Tuleap version 13.10.99.82 or higher and cannot access the REST API please upgrade to version 13.10-3.

Access to the REST API is currently unavailable

The REST API is currently unavailable in Tuleap version 13.10-3.
Please upgrade to Tuleap version 13.10.99.82 or higher to access the REST API

How to update from 13.10-2 to 13.10.99.82

If you have updated to Tuleap version 13.10.99.82 or higher, please follow the instructions below to update from version 13.10-2 to 13.10.99.82:
1) Login at https://tuleap.com/account/
2) Go to Tools > Updates and follow the instructions there
3) Update your database
4) Log in at https://tuleap-ui-console-prod.mybluemix.net and follow the installation steps

What is the Tuleap REST API?

The REST API is a set of interfaces that you can use to integrate Tuleap with your external system. The REST API allows you to create, read, update and delete data in Tuleap.

How to detect if you are affected?

If you are wondering if your Tuleap server is affected, please check the following table:

The next version of Tuleap will be 13.10-3 which will fix the issue. You can upgrade to this latest version from Tuleap console or your preferred way.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe