PT-2024-4004 · Apache · Apache Wicket

Name of the Vulnerable Software and Affected Versions: Apache Wicket versions prior to 10.1.0 Apache Wicket versions prior to 9.18.0 Apache Wicket versions prior to 8.16.0 Description: The issue is related to incorrect code generation management in the Apache Wicket framework, allowing a remote...

AZL-75801 CVE-2024-34064 affecting package nodejs24 for versions less than 24.13.0-1

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as...