4 matches found
Apache Tapestry 5.4.0 < 5.6.4, 5.7.0 < 5.7.1 Information Disclosure Vulnerability
Apache Tapestry is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2021-30638
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
CVE-2021-30638
Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...
CVE-2021-30638
CVE-2021-30638 is an information-exposure vulnerability in Apache Tapestry caused by an incomplete fix for CVE-2020-13953 in context asset handling. It affects Apache Tapestry versions 5.4.0 through 5.6.3, and 5.7.0 through 5.7.1. An attacker can construct a URL to download files inside WEB-INF, ...