Vulnerabilities > Apache > Answer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-41888 | Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. The password reset link remains valid within its expiration period even after it has been used. | 5.3 |
| 2024-08-12 | CVE-2024-41890 | Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer Missing Release of Resource after Effective Lifetime vulnerability in Apache Answer. This issue affects Apache Answer: through 1.3.5. User sends multiple password reset emails, each containing a valid link. | 5.3 |
| 2024-01-10 | CVE-2023-49619 | Race Condition vulnerability in Apache Answer Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once. | 3.1 |