What the vulnerability does
01Description
Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
CVSS base score
8.3/10
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Key dates
02Disclosure timeline
December 6, 2021
CVE published
September 16, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-59434 Critical Multi-Tenant Variable Disclosure in Flowise Cloud via Custom JavaScript Function
CVE-2026-32814 libheif: Uninitialized Heap Memory Information Leak via Failed Grid Tiles
CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties
CVE-2024-47922 Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-0747
