Home > Vulnerability Database > CVE-2023-49619

Mend.io Vulnerability Database

CVE-2023-49619

Date: January 10, 2024

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once. However, repeat submissions through the script can increase the number of collection of the question many times. Users are recommended to upgrade to version [1.2.1], which fixes the issue.

Language: Go

Severity Score

3.1

Related Resources (6)

Url: https://lists.apache.org/thread/nscrl3c7pn68q4j73y3ottql6n5x3hd4

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-49619

Url: http://www.openwall.com/lists/oss-security/2024/01/10/1

Url: https://github.com/apache/incubator-answer

Url: https://github.com/advisories/GHSA-f899-4mr4-fqpv

Url: https://www.mend.io/vulnerability-database/CVE-2023-49619

Severity Score

3.1

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

CVSS v3.1

Base Score:	3.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-49619

Date: January 10, 2024

Language: Go

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?