github.com/apache/incubator-answer (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/apache/incubator-answer, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2024-22393 — CVSS 9.1 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood…
CVE-2024-26578 — CVSS 5.9 (medium): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.This issue…
CVE-2024-23349 — CVSS 5.4 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects…
CVE-2024-41890 — CVSS 5.3 (medium): Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User…
CVE-2024-40761 — CVSS 5.3 (medium): Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a…
CVE-2024-41888 — CVSS 5.3 (medium): Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The…
CVE-2024-29217 — CVSS 4.6 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects…
CVE-2023-49619 — CVSS 3.1 (low): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue…
CVE-2024-45719 — CVSS 2.6 (low): Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the…