CVE-2024-47767

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-280
View all →

Vulnerability Description

Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-5, users might see tracker names they should not have access to. Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 15.12-8 fix this issue.

Related Vulnerabilities

CVE-2020-8117

MEDIUM
CVSS:4.3(Medium)

Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.

CWE-2802020

CVE-2022-30723

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC a...

CWE-2802022

CVE-2022-30724

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address o...

CWE-2802022

CVE-2022-30725

MEDIUM
CVSS:4.3(Medium)

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of th...

CWE-2802022

CVE-2023-2020

MEDIUM
CVSS:4.3(Medium)

Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 (beta) allow unauthorized users to schedule downtimes for any host.

CWE-2802023

CVE-2024-0560

MEDIUM
CVSS:4.3(Medium)

A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors. When the auth_type is use_3scale_oidc_issuer_endpoint, the Token Introspection policy discovers the Toke...

CWE-2802024