Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.13 views

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS6.9AI score0.01149EPSS
Exploits0References1
NVD
NVD
added 2024/08/12 1:38 p.m.26 views

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS0.01149EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/09 2:53 p.m.20 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

7.3AI score0.01149EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/09 2:53 p.m.30 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

0.01149EPSS
Exploits0References1
CVE
CVE
added 2024/08/09 2:53 p.m.76 views

CVE-2024-41890

CVE-2024-41890 affects Apache Answer up to version 1.3.5. The root issue is Missing Release of Resource after Effective Lifetime: password reset links issued in succession can remain valid during the link’s validity period, enabling potential misuse or hijacking of a previously issued link. A fix...

5.3CVSS6.7AI score0.01149EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/08/09 2:53 p.m.16 views

CVE-2024-41890 Apache Answer: The link to reset the user's password will remain valid after sending a new link

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused o...

5.3CVSS5.9AI score0.01149EPSS
Exploits0References4
Rows per page
Query Builder