CVE-2023-0739

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions answerdev/answer versions prior to 1.0.4

Description The issue is related to a Race Condition, which occurs due to concurrent execution using a shared resource with improper synchronization. This problem is identified in the GitHub repository answerdev/answer.

Recommendations For versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue. As a temporary workaround, consider implementing proper synchronization mechanisms to prevent concurrent access to shared resources. Restrict access to the vulnerable switch in the GitHub repository answerdev/answer to minimize the risk of exploitation.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-365CWE-362

Related Identifiers

CVE-2023-0739

GHSA-QX34-47FC-VV79

GO-2023-1553

Affected Products

Answer

CVE-2023-0739

Weakness Enumeration

Related Identifiers

Affected Products

References · 11