How severe is CVE-2024-32466?

This vulnerability has a severity rating of LOW with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2024-32466?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2024-32466 - LOW Severity | CVSS 2.7

Vulnerability Description

Tolgee is an open-source localization platform. For the `/v2/projects/translations` and `/v2/projects/{projectId}/translations` endpoints, translation data was returned even when API key was missing `translation.view` scope. However, it was impossible to fetch the data when user was missing this scope. So this is only relevant for API keys generated by users permitted to `translation.view`. This vulnerability is fixed in v3.57.2

Related Vulnerabilities

CVE-2017-5930

LOW

CVSS:2.7(Low)

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission che...

CWE-8622017

CVE-2020-6306

LOW

CVSS:2.7(Low)

Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17).

CWE-8622020

CVE-2021-44840

LOW

CVSS:2.7(Low)

An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit, create, and delete risk labels, such as Criticality and Priority Indication labels. By using the /core/tab...

CWE-8622021

CVE-2022-2459

LOW

CVSS:2.7(Low)

An issue has been discovered in GitLab EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for ema...

CWE-8622022

CVE-2022-2841

LOW

CVSS:2.7(Low)

A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806. It has been classified as problematic. Affected is an unknown function of the component Uninstallation Handler. The ...

CWE-8622022

CVE-2023-3587

LOW

CVSS:2.7(Low)

Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the U...

CWE-8622023