Lucene search
PRIOn knowledge basePRION:CVE-2021-30638HistoryApr 27, 2021 - 7:15 p.m.
Information disclosure
2021-04-2719:15:00
PRIOn knowledge base
www.prio-n.com
6
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to Apache Tapestry 5.6.3; Apache Tapestry 5.7.0 version and Apache Tapestry 5.7.1.
Related
veracode
veracode
Information Disclosure
2021-04-28 06:39:37
Information Disclosure
2020-10-01 06:38:32
osv
osv
Information Exposure in Apache Tapestry
2022-03-18 17:53:58
CVE-2021-30638
2021-04-27 19:15:07
CVE-2020-13953
2020-09-30 18:15:21
cve
cve
CVE-2021-30638
2021-04-27 19:15:07
CVE-2020-13953
2020-09-30 18:15:21
openvas
openvas
github
github
Information Exposure in Apache Tapestry
2022-03-18 17:53:58
Improper file downloads in Apache Tapestry
2022-02-10 20:35:42
nvd
nvd
CVE-2021-30638
2021-04-27 19:15:07
CVE-2020-13953
2020-09-30 18:15:21
cvelist
cvelist
CVE-2021-30638 An Information Disclosure due to insufficient input validation exists in Apache Tapestry 5.4.0 and later
2021-04-27 18:30:15
CVE-2020-13953
2020-09-30 16:51:59
prion
prion
Code injection
2020-09-30 18:15:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
Apache Tapestry Information Disclosure (CVE-2021-30638)
2021-06-01 00:00:00
Apache Tapestry Information Disclosure (CVE-2020-13953)
2020-12-22 00:00:00