CVE-2023-1538

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions answer versions prior to 1.0.6

Description The issue concerns an Observable Timing Discrepancy in the GitHub repository answerdev/answer. This discrepancy can potentially be exploited. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For versions prior to 1.0.6, update to version 1.0.6 or later to resolve the issue.

Exploit

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-203CWE-208

Related Identifiers

CVE-2023-1538

GHSA-RVJP-8QJ4-8P29

GO-2023-1661

Affected Products

Answer

CVE-2023-1538

Weakness Enumeration

Related Identifiers

Affected Products

References · 10