Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/01/09 9:34 a.m.13 views

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS6.9AI score0.01149EPSS
Exploits0References1
nvd
nvd
added 2024/08/12 1:38 p.m.26 views

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS0.01149EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/08/09 2:53 p.m.20 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

7.3AI score0.01149EPSS
Exploits0References1
cve
cve
added 2024/08/09 2:53 p.m.74 views

CVE-2024-41890

CVE-2024-41890 affects Apache Answer up to version 1.3.5. The root issue is Missing Release of Resource after Effective Lifetime: password reset links issued in succession can remain valid during the link’s validity period, enabling potential misuse or hijacking of a previously issued link. A fix...

5.3CVSS6.7AI score0.01149EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/08/09 2:53 p.m.28 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

0.01149EPSS
Exploits0References1
osv
osv
added 2024/08/09 2:53 p.m.16 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS5.9AI score0.01149EPSS
Exploits0References4
Rows per page
Query Builder