CVE-2005-3339
Description
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0a1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0a2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.3:*:*:*:*:*:*:*
- (no CPE)range: <0.19.3
Patches
Vulnerability mechanics
Root cause
"The User ID is cached longer than necessary in Mantis before version 0.19.3."
Attack vector
The advisory does not describe any attack vector. The CVE description states the issue has "unknown impact and attack vectors," so no preconditions or payload shape can be determined from the supplied bundle.
Affected code
The advisory does not specify which files or functions are affected. The CVE description only states that Mantis before 0.19.3 caches the User ID longer than necessary.
What the fix does
The advisory does not include a patch or remediation guidance. The CVE description only notes that the issue is fixed in Mantis 0.19.3, but no details about what the fix changes are provided.
Generated on Jun 16, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7News mentions
0No linked articles in our index yet.