answer 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk cross-site scripting などに関し、一部は vendor impact session compromise を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-4815 | Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. | [email protected] | 8.8 | 0.68% | 2023-09-07 | 2024-11-21 |
| CVE-2023-4127 | Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 5.9 | 0.40% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4126 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.48% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4125 | Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.73% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4124 | Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 6.5 | 0.54% | 2023-08-03 | 2024-11-21 |
| CVE-2023-2590 | Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. | [email protected] | 3.5 | 0.46% | 2023-05-09 | 2024-11-21 |
| CVE-2023-1976 | Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.61% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1975 | Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.59% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1974 | Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.60% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1543 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.78% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1542 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.75% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1541 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 3.8 | 0.64% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1540 | Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.64% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1539 | Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.61% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1538 | Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.64% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1537 | Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 9.8 | 0.84% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1536 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.52% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1535 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.54% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1245 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.52% | 2023-03-07 | 2024-11-21 |
| CVE-2023-1244 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.52% | 2023-03-07 | 2024-11-21 |