彙總 answer 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 跨站腳本 等問題,部分漏洞可能導致 工作階段劫持,並影響 生產負載與軟體部署 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2023-4815 | Missing Authentication for Critical Function in GitHub repository answerdev/answer prior to v1.1.3. | [email protected] | 8.8 | 0.06% | 2023-09-07 | 2024-11-21 |
| CVE-2023-4127 | Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 5.9 | 0.15% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4126 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.08% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4125 | Weak Password Requirements in GitHub repository answerdev/answer prior to v1.1.0. | [email protected] | 8.8 | 0.25% | 2023-08-03 | 2024-11-21 |
| CVE-2023-4124 | Missing Authorization in GitHub repository answerdev/answer prior to v1.1.1. | [email protected] | 6.5 | 0.17% | 2023-08-03 | 2024-11-21 |
| CVE-2023-2590 | Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9. | [email protected] | 3.5 | 0.17% | 2023-05-09 | 2024-11-21 |
| CVE-2023-1976 | Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.34% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1975 | Insertion of Sensitive Information Into Sent Data in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.35% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1974 | Exposure of Sensitive Information Through Metadata in GitHub repository answerdev/answer prior to 1.0.8. | [email protected] | 6.5 | 0.19% | 2023-04-11 | 2024-11-21 |
| CVE-2023-1543 | Insufficient Session Expiration in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 8.8 | 0.34% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1542 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.31% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1541 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 3.8 | 0.31% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1540 | Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.22% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1539 | Improper Restriction of Excessive Authentication Attempts in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.27% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1538 | Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.3 | 0.22% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1537 | Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 9.8 | 0.26% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1536 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.26% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1535 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | [email protected] | 5.4 | 0.32% | 2023-03-21 | 2024-11-21 |
| CVE-2023-1245 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.23% | 2023-03-07 | 2024-11-21 |
| CVE-2023-1244 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | [email protected] | 5.4 | 0.33% | 2023-03-07 | 2024-11-21 |