Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Answer Security Vulnerabilities - CVSS Score 5 - 6

cve
cve

CVE-2024-40761

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a user's email to access Gravatar is insecure and can lead to the leakage of user email. The official recommendation is to use SHA256 instead.Users are recommended ...

5.3CVSS

6.6AI Score

0.0004EPSS

2024-09-25 08:15 AM
15
cve
cve

CVE-2024-41888

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. This could potentially lead to the link being misused or hijacked.Use...

5.3CVSS

6.7AI Score

0.001EPSS

2024-08-12 01:38 PM
26
cve
cve

CVE-2024-41890

Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. Within the link's validity period, this could potentially lead to the link being misused or ...

5.3CVSS

6.7AI Score

0.001EPSS

2024-08-12 01:38 PM
35