1. Home
  2. Packages
  3. maven
  4. org.apache.tapestry
  5. tapestry-core

pkg:maven/org.apache.tapestry/tapestry-core

Type maven
Namespace org.apache.tapestry
Name tapestry-core

Known advisories, vulnerabilities and fixes for org.apache.tapestry/tapestry-core package.

Repository
https://mvnrepository.com/artifact/org.apache.tapestry/tapestry-core
Critical 4
High 4
Moderate 1
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected < 5.8.2 CVE-2022-31781
maven MAVEN:GHSA-227G-7CVV-6FF3 Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking high 2022-07-14T00:00:23
(2 years ago)
Fixed = 5.8.2 CVE-2022-31781
maven MAVEN:GHSA-227G-7CVV-6FF3 Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking high 2022-07-14T00:00:23
(2 years ago)
Affected >= 5.4.0, < 5.4.5 CVE-2019-0195
maven MAVEN:GHSA-6MWH-FW4P-75FJ Deserialization of Untrusted Data in Apache Tapestry critical 2022-05-24T22:00:35
(2 years ago)
Fixed = 5.4.5 CVE-2019-0195
maven MAVEN:GHSA-6MWH-FW4P-75FJ Deserialization of Untrusted Data in Apache Tapestry critical 2022-05-24T22:00:35
(2 years ago)
Affected >= 5.4.0, < 5.4.5 CVE-2019-0207
maven MAVEN:GHSA-89R3-RCPJ-H7W6 Path traversal attack on Windows platforms high 2019-11-18T17:19:03
(4 years ago)
Fixed = 5.4.5 CVE-2019-0207
maven MAVEN:GHSA-89R3-RCPJ-H7W6 Path traversal attack on Windows platforms high 2019-11-18T17:19:03
(4 years ago)
Affected < 5.3.6 CVE-2014-1972
maven MAVEN:GHSA-C438-8CVQ-PXXX Apache Tapestry Unsafe Object Storage high 2022-05-13T01:26:11
(2 years ago)
Fixed = 5.3.6 CVE-2014-1972
maven MAVEN:GHSA-C438-8CVQ-PXXX Apache Tapestry Unsafe Object Storage high 2022-05-13T01:26:11
(2 years ago)
Affected >= 5.4, < 5.4.5 CVE-2019-10071
maven MAVEN:GHSA-FGMR-VX7C-5WJ6 Timing attack on HMAC signature comparison in Apache Tapestry critical 2019-09-26T21:30:34
(5 years ago)
Fixed = 5.4.5 CVE-2019-10071
maven MAVEN:GHSA-FGMR-VX7C-5WJ6 Timing attack on HMAC signature comparison in Apache Tapestry critical 2019-09-26T21:30:34
(5 years ago)
Affected >= 5.7.0, < 5.7.2 >= 5.4.0, < 5.6.4 CVE-2021-30638
maven MAVEN:GHSA-GHM8-MMX7-XVG2 Information Exposure in Apache Tapestry high 2022-03-18T17:53:58
(2 years ago)
Fixed = 5.7.2 = 5.6.4 CVE-2021-30638
maven MAVEN:GHSA-GHM8-MMX7-XVG2 Information Exposure in Apache Tapestry high 2022-03-18T17:53:58
(2 years ago)
Affected >= 5.7.0, < 5.7.1 >= 5.4.0, < 5.6.3 CVE-2021-27850
maven MAVEN:GHSA-MJ8X-CPR8-X39H Remote code execution in Apache Tapestry critical 2021-06-16T17:33:19
(3 years ago)
Fixed = 5.7.1 = 5.6.3 CVE-2021-27850
maven MAVEN:GHSA-MJ8X-CPR8-X39H Remote code execution in Apache Tapestry critical 2021-06-16T17:33:19
(3 years ago)
Affected >= 3.0, < 4.0 CVE-2022-46366
maven MAVEN:GHSA-VC39-X7W6-6VJ7 Apache Tapestry allows deserialization of untrusted data critical 2022-12-02T15:30:26
(21 months ago)
Fixed = 5.0.1 CVE-2022-46366
maven MAVEN:GHSA-VC39-X7W6-6VJ7 Apache Tapestry allows deserialization of untrusted data critical 2022-12-02T15:30:26
(21 months ago)
Affected >= 5.4.0, < 5.6.0 CVE-2020-13953
maven MAVEN:GHSA-W9MP-P2WP-2XF7 Improper file downloads in Apache Tapestry moderate 2022-02-10T20:35:42
(2 years ago)
Fixed = 5.6.0 CVE-2020-13953
maven MAVEN:GHSA-W9MP-P2WP-2XF7 Improper file downloads in Apache Tapestry moderate 2022-02-10T20:35:42
(2 years ago)