159 matches found
GO-2025-3587 Apache Answer User Using External Images Potentially Discloses User Information in github.com/apache/answer
Apache Answer User Using External Images Potentially Discloses User Information in github.com/apache/answer...
GHSA-WQCC-MFHW-53PC Apache Answer User Using External Images Potentially Discloses User Information
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
Private Data Structure Returned From A Public Method
Overview Affected versions of this package are vulnerable to Private Data Structure Returned From A Public Method. When a user accesses an externally referenced image, the provider of the image may obtain private information about the IP address of that accessing user. Remediation Upgrade...
Apache Answer User Using External Images Potentially Discloses User Information
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-29868
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-29868
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-29868 Apache Answer: Using externally referenced images can leak user privacy.
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
CVE-2025-29868
CVE-2025-29868 affects Apache Answer up to version 1.4.2. A public method returns a private data structure, enabling potential disclosure of a user’s IP address when external images are accessed. The issue is mitigated in version 1.4.5, which adds a configurable setting to control whether externa...
CVE-2025-29868 Apache Answer: Using externally referenced images can leak user privacy.
Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...
Apache Answer 安全漏洞
Apache Answer is a community platform of the Apache USA Foundation. An information disclosure vulnerability exists in Apache Answer 1.4.2 and earlier versions, which stems from a public method returning a private data structure, and can be exploited by an attacker to cause IP address disclosure...
CVE-2024-29217
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Answer.This issue affects Apache Answer: before 1.3.0. XSS attack when user changes personal website. A logged-in user, when modifying their personal website, can input malicious code in the...
CVE-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
CVE-2024-26578
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly...
SUSE CVE-2024-45719
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
GHSA-MR95-VFCF-FX9P Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719
CVE-2024-45719 concerns Apache Answer with an Inadequate Encryption Strength vulnerability affecting versions up to 1.4.0. The issue is that IDs generated using UUID v1 can be predictable, reducing token security. The recommended fix is upgrade to version 1.4.1, which closes the flaw. Connected s...