Answerdev Answer vulnerabilities
34 known vulnerabilities affecting answerdev/answerdev_answer.
Total CVEs
34
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH5MEDIUM21LOW2
Vulnerabilities
Page 1 of 2
CVE-2023-0744P2CRITICALCVSS 9.8PoC≥ unspecified, < 1.0.42023-02-08
CVE-2023-0744 [CRITICAL] CWE-284 CVE-2023-0744: Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4.
Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-4815P3HIGHCVSS 8.8≥ unspecified, < v1.1.32023-09-07
CVE-2023-4815 [HIGH] CWE-306 CVE-2023-4815: Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3.
Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3.
nvd
CVE-2023-1537P3CRITICALCVSS 9.8≥ unspecified, < 1.0.62023-03-21
CVE-2023-1537 [CRITICAL] CWE-294 CVE-2023-1537: Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-4125P3HIGHCVSS 8.8≥ unspecified, < v1.1.02023-08-03
CVE-2023-4125 [HIGH] CWE-521 CVE-2023-4125: Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0.
Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0.
nvd
CVE-2023-1976P3HIGHCVSS 8.8≥ unspecified, < 1.0.62023-04-11
CVE-2023-1976 [HIGH] CWE-263 CVE-2023-1976: Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6.
Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-4126P3HIGHCVSS 8.8≥ unspecified, < v1.1.02023-08-03
CVE-2023-4126 [HIGH] CWE-613 CVE-2023-4126: Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0.
Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0.
nvd
CVE-2023-0741P3CRITICALCVSS 9.0≥ unspecified, < 1.0.42023-02-08
CVE-2023-0741 [CRITICAL] CWE-79 CVE-2023-0741: Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4.
Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-0742P3CRITICALCVSS 9.0≥ unspecified, < 1.0.42023-02-08
CVE-2023-0742 [CRITICAL] CWE-79 CVE-2023-0742: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-0743P3CRITICALCVSS 9.0≥ unspecified, < 1.0.42023-02-08
CVE-2023-0743 [CRITICAL] CWE-79 CVE-2023-0743: Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4.
Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-0740P3CRITICALCVSS 9.0≥ unspecified, < 1.0.42023-02-08
CVE-2023-0740 [CRITICAL] CWE-79 CVE-2023-0740: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-4124P4MEDIUMCVSS 6.5≥ unspecified, < v1.1.12023-08-03
CVE-2023-4124 [MEDIUM] CWE-862 CVE-2023-4124: Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1.
Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1.
nvd
CVE-2023-1543P4HIGHCVSS 8.8≥ unspecified, < 1.0.62023-03-21
CVE-2023-1543 [HIGH] CWE-613 CVE-2023-1543: Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6.
Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-0739P4MEDIUMCVSS 6.8≥ unspecified, < 1.0.42023-02-08
CVE-2023-0739 [MEDIUM] CWE-362 CVE-2023-0739: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHu
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in GitHub repository answerdev/answer prior to 1.0.4.
nvd
CVE-2023-1975P4MEDIUMCVSS 6.5≥ unspecified, < 1.0.82023-04-11
CVE-2023-1975 [MEDIUM] CWE-201 CVE-2023-1975: Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0
Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8.
nvd
CVE-2023-1974P4MEDIUMCVSS 6.5≥ unspecified, < 1.0.82023-04-11
CVE-2023-1974 [MEDIUM] CWE-1230 CVE-2023-1974: Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.
Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8.
nvd
CVE-2023-4127P4MEDIUMCVSS 5.9≥ unspecified, < v1.1.12023-08-03
CVE-2023-4127 [MEDIUM] CWE-366 CVE-2023-4127: Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1.
Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1.
nvd
CVE-2023-1242P4MEDIUMCVSS 5.4≥ unspecified, < 1.0.62023-03-07
CVE-2023-1242 [MEDIUM] CWE-79 CVE-2023-1242: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-1240P4MEDIUMCVSS 5.4≥ unspecified, < 1.0.62023-03-07
CVE-2023-1240 [MEDIUM] CWE-79 CVE-2023-1240: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-1241P4MEDIUMCVSS 5.4≥ unspecified, < 1.0.62023-03-07
CVE-2023-1241 [MEDIUM] CWE-79 CVE-2023-1241: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
nvd
CVE-2023-1238P4MEDIUMCVSS 5.4≥ unspecified, < 1.0.62023-03-07
CVE-2023-1238 [MEDIUM] CWE-79 CVE-2023-1238: Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
nvd
1 / 2Next →