CVE-2025-29868

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 1, 2025

Updated: Apr 15, 2025

CWE ID 495

Summary

CVE-2025-29868 is a vulnerability affecting Apache Answer versions up to 1.4.2. This issue involves a Private Data Structure Returned From A Public Method, allowing external image providers to obtain the private IP address of users accessing their images. To mitigate this risk, it is recommended that users upgrade to Apache Answer version 1.4.5, which includes a fix for this issue. Administrators can also set new display options to restrict external content in the newer version.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/4QwCs4
https://www.cve.org/CVERecord?id=CVE-2025-29868
https://nvd.nist.gov/vuln/detail/CVE-2025-29868

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2025-29868

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations