CVE-2023-49619

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-49619

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-49619.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-49619

Aliases

Published

2024-01-10T09:15:44Z

Modified

2025-06-11T18:49:58.166187Z

Severity

3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.

This issue affects Apache Answer: through 1.2.0.

Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once. However, repeat submissions through the script can increase the number of collection of the question many times.

Users are recommended to upgrade to version [1.2.1], which fixes the issue.

References

Affected packages

Git / github.com/apache/incubator-answer

Affected ranges

Type: GIT
Repo: https://github.com/apache/incubator-answer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

82fdfc77636d8d1ce28710d929a8c22bb52834ef

Affected versions

v0.*

v0.2.0

v0.3.0

v0.4.0

v0.5.0

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.1.0

v1.1.0-beta.1

v1.1.0-beta.2

v1.1.1

v1.1.2

v1.1.3

v1.2.0

v1.2.0-RC1