25 matches found
CVE-2026-13953 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13953 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13953
creationtimestamp| type| source ---|---|--- 2026-07-02 07:47:08+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:19:50+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...
CVE-2026-13953
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13953
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13953
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
EUVD-2022-1426
Malicious code in bioql PyPI...
CVE-2024-13953
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13953
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-13953 Sensitive Information disclosed in log files
Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
GHSA-GHM8-MMX7-XVG2 Information Exposure in Apache Tapestry
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
Information Exposure in Apache Tapestry
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
com.nhl.bootique.tapestry:bootique-tapestry (=0.1), de.julielab:julie-elastic-query-components (=1.0.3) +31 more potentially affected by CVE-2020-13953 via org.apache.tapestry:tapestry-core (>=5.4.0 <=5.5.0)
org.apache.tapestry:tapestry-core MAVEN version =5.4.0, =1.2.0, =0.2, =1.1, =1.2.0, =1.1.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.5.0-beta-3 and more Source cves: CVE-2020-13953 Source advisory: OSV:GHSA-W9MP-P2WP-2XF7...
CVE-2018-13953
...
Information Disclosure
tapestry-core is vulnerable to information disclosure. Mishandling of URL allows an attacker to use malicious URL to list and download the JAVA webapp files from WEB-INF of the WAR being run. This CVE exists due to an incomplete fix for CVE-2020-13953...
CVE-2021-30638
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
Information disclosure
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
CVE-2021-30638
CVE-2021-30638 is an information-exposure vulnerability in Apache Tapestry caused by an incomplete fix for CVE-2020-13953 in context asset handling. It affects Apache Tapestry versions 5.4.0 through 5.6.3, and 5.7.0 through 5.7.1. An attacker can construct a URL to download files inside WEB-INF, ...
Apache Tapestry Information Disclosure (CVE-2020-13953)
An information disclosure vulnerability exists in Apache Tapestry. This vulnerability is due to URL manipulation that allows Java webapp files inside WEB-INF to be listed and downloaded...
CVE-2020-13953
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...