CRITICAL🇵🇱 Wersja polska

CVE-2024-22393

CVSS 9.1v3.1pub. 2024-02-22upd. 2025-05-05

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content. Users are recommended to upgrade to version [1.2.5], which fixes the issue.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
  • Apache Answer

    APP
    Apache
    < 1.2.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-25700HIGH7.2ten sam produkt

Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache A...

CVE-2026-24735HIGH7.5ten sam produkt

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue ...

CVE-2026-25688MEDIUM6.1ten sam produkt

Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Ans...

CVE-2026-25699MEDIUM6.1ten sam produkt

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue ...

CVE-2026-33582MEDIUM6.5ten sam produkt

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Ans...