Lucene search
ApacheCVELIST:CVE-2024-22393HistoryFeb 22, 2024 - 9:51 a.m.
CVE-2024-22393 Apache Answer: Pixel Flood Attack by uploading the large pixel file
2024-02-2209:51:43
CWE-434
apache
www.cve.org
4
apache answer
pixel flood attack
unrestricted upload
file vulnerability
out of memory
image upload
upgrade
cve-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.
Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in userΒ can cause such an attack by uploading an image when posting content.
Users are recommended to upgrade to version [1.2.5], which fixes the issue.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Answer",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.2.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-22393
2024-02-22 10:15:08
veracode
veracode
Unrestricted File Upload
2024-02-23 11:26:48
osv
osv
github
github
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability
2024-02-22 12:30:56
cnvd
cnvd
Apache Answer Denial of Service Vulnerability
2024-03-14 00:00:00
cve
cve
CVE-2024-22393
2024-02-22 10:15:08
prion
prion
Unrestricted file upload
2024-02-22 10:15:00