CVE Vulnerabilities

CVE-2024-38327

Inclusion of Sensitive Information in Source Code

Published: Jul 10, 2025 | Modified: Jul 23, 2025
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the applications API.

Weakness

Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.

Affected Software

Name Vendor Start Version End Version
Analytics_content_hub Ibm 2.0 (including) 2.4 (excluding)

Potential Mitigations

References