Description

Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of that accessing user. Users are recommended to upgrade to version 1.4.5, which fixes the issue. In the new version, administrators can set whether external content can be displayed.

INFO

Published Date :

2025-04-01T07:56:28.633Z

Last Modified :

2025-04-10T15:03:07.021Z

Source :

apache
AFFECTED PRODUCTS

The following products are affected by CVE-2025-29868 vulnerability.

Vendors Products
Apache
  • Answer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-29868.

URL Resource
http://www.openwall.com/lists/oss-security/2025/04/01/2 cve-icon
http://www.openwall.com/lists/oss-security/2025/04/02/1 cve-icon
http://www.openwall.com/lists/oss-security/2025/04/10/3 cve-icon
https://lists.apache.org/thread/l7pohw5g03g3qsvrz8pqc9t29mdv5lhf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact