CVE-2024-32939

LOW Year: 2024
CVSS v3 Score
3.7
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server."

Related Vulnerabilities

CVE-2013-2423

LOW
CVSS:3.7(Low)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors rela...

CWE-2842013

CVE-2016-0208

LOW
CVSS:3.7(Low)

IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors.

CWE-2842016

CVE-2016-2960

LOW
CVSS:3.7(Low)

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x before 9.0.0.1 ...

CWE-2842016

CVE-2016-8330

LOW
CVSS:3.7(Low)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows unauthenti...

CWE-2842016

CVE-2018-15466

LOW
CVSS:3.7(Low)

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web in...

CWE-2842018

CVE-2019-1866

LOW
CVSS:3.7(Low)

Cisco Webex Business Suite before 39.1.0 contains a vulnerability that could allow an unauthenticated, remote attacker to affect the integrity of the application. The vulnerability is due to improper ...

CWE-2842019