Primary

Context

Apache Answer Externally Referenced Image Privacy Leak Vulnerability

Vulnerability

A vulnerability in Apache Answer versions prior to 1.4.2 allows for the leakage of private information, specifically the IP address of users accessing externally referenced images. This issue arises because the image provider can obtain the IP address when the image is accessed. Users are advised to upgrade to version 1.4.5, which addresses this vulnerability by allowing administrators to control the display of external content.

Impact

Exploitation of this vulnerability can lead to unauthorized disclosure of user IP addresses to external image providers.

Remediation

Users should upgrade to Apache Answer version 1.4.5 or later, where the issue is fixed and administrators can manage the display of external content.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache Answer Externally Referenced Image Privacy Leak Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating