Tapestry@* Security Vulnerabilities and Issues — Tapestry@* CVE List

Lucene search

ApacheTapestry*

10 matches found

CVE•added 2021/04/15 8:15 a.m.•184 views

CVE-2021-27850

A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possib...

10CVSS9.8AI score0.94219EPSS

CVE•added 2019/09/16 4:15 p.m.•155 views

CVE-2019-0195

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbol ...

9.8CVSS9.1AI score0.15518EPSS

CVE•added 2019/09/16 6:15 p.m.•153 views

CVE-2019-10071

The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison...

9.8CVSS9.6AI score0.09816EPSS

CVE•added 2022/07/13 8:15 a.m.•112 views

CVE-2022-31781

Apache Tapestry up to version 5.8.1 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles Content Types. Specially crafted Content Types may cause catastrophic backtracking, taking exponential time to complete. Specifically, this is about the regular expression used on...

7.5CVSS7.5AI score0.01182EPSS

CVE•added 2019/09/16 5:15 p.m.•97 views

CVE-2019-0207

Tapestry processes assets /assets/ctx using classes chain StaticFilesFilter -> AssetDispatcher -> ContextResource, which doesn't filter the character \, so attacker can perform a path traversal attack to read any files on Windows platform.

7.5CVSS7.3AI score0.01368EPSS

CVE•added 2021/04/27 7:15 p.m.•82 views

CVE-2021-30638

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to Apac...

7.5CVSS6.1AI score0.05311EPSS

CVE•added 2022/12/02 2:15 p.m.•77 views

CVE-2022-46366

Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the (also unsupported) 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no l...

9.8CVSS9.6AI score0.17506EPSS

CVE•added 2020/12/08 1:15 p.m.•76 views

CVE-2020-17531

A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 and no update to addr...

9.8CVSS9.4AI score0.17506EPSS

CVE•added 2020/09/30 6:15 p.m.•70 views

CVE-2020-13953

In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.

5.3CVSS5.9AI score0.01797EPSS

CVE•added 2015/08/22 11:59 p.m.•68 views

CVE-2014-1972

Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.

7.8CVSS7.9AI score0.08822EPSS