Lucene search
+L

4 matches found

Circl
Circl
added 2024/09/25 10:58 a.m.5 views

CVE-2024-40761

creationtimestamp| type| source ---|---|--- 2024-09-25 10:58:16+00:00| seen| https://t.me/cvedetector/6300...

5.3CVSS4.8AI score0.00749EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/25 7:31 a.m.21 views

CVE-2024-40761 Apache Answer: Avatar URL leaked user email addresses

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a user's email to access Gravatar is insecure and can lead to the leakage of user email. The official recommendation is to use SHA256 instead. Users are recommend...

5.3AI score0.00749EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/25 7:31 a.m.45 views

CVE-2024-40761 Apache Answer: Avatar URL leaked user email addresses

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a user's email to access Gravatar is insecure and can lead to the leakage of user email. The official recommendation is to use SHA256 instead. Users are recommend...

0.00749EPSS
Exploits0References1
CVE
CVE
added 2024/09/25 7:31 a.m.57 views

CVE-2024-40761

Apache Answer contains an Inadequate Encryption Strength vulnerability (through version 1.3.5) where the MD5 hash of a user’s email is used to access Gravatar, risking email leakage. Mitigation: upgrade to version 1.4.0 which switches to SHA-256 per the advisory. Nuclear risk: only disclosed as l...

5.3CVSS5.3AI score0.00749EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder