Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.
Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in userΒ can cause such an attack by uploading an image when posting content.
Users are recommended to upgrade to version [1.2.5], which fixes the issue.
[
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_answer:*:*:*:*:*:*:*:*"
],
"vendor": "apache_software_foundation",
"product": "apache_answer",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "1.2.1"
}
],
"defaultStatus": "unknown"
}
]