Every CVE whose affected-product data names Apache Answer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2024-22393 — CVSS 9.1 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood…
CVE-2026-24735 — CVSS 7.5 (high): Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through…
CVE-2026-25700 — CVSS 7.2 (high): Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0…
CVE-2026-34905 — CVSS 6.5 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0…
CVE-2025-29868 — CVSS 6.5 (medium): Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a…
CVE-2026-33582 — CVSS 6.5 (medium): Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted…
CVE-2026-34031 — CVSS 6.5 (medium): Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server…
CVE-2026-25699 — CVSS 6.1 (medium): Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through…
CVE-2026-25688 — CVSS 6.1 (medium): Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0…
CVE-2024-26578 — CVSS 5.9 (medium): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.This issue…
CVE-2026-34033 — CVSS 5.4 (medium): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache Answer. This issue affects Apache…
CVE-2024-23349 — CVSS 5.4 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects…
CVE-2024-41888 — CVSS 5.3 (medium): Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The…
CVE-2024-40761 — CVSS 5.3 (medium): Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. Using the MD5 value of a…
CVE-2024-41890 — CVSS 5.3 (medium): Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User…
CVE-2024-29217 — CVSS 4.6 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects…
CVE-2023-49619 — CVSS 3.1 (low): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue…
CVE-2024-45719 — CVSS 2.6 (low): Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the…