pkg:Maven/org.apache.tapestry:tapestry-core

9 total CVEsCRITICAL3HIGH3MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2022-46366Apache Tapestry allows deserialization of untrusted data
    >= 3.0, < 5.0.1
  • CRITICAL9.8CVE-2019-0195Deserialization of Untrusted Data in Apache Tapestry
    >= 5.4.0, < 5.4.5
  • CRITICAL9.8CVE-2019-10071Timing attack on HMAC signature comparison in Apache Tapestry
    >= 5.4, < 5.4.5
  • HIGH7.5CVE-2022-31781Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking
    from 0, < 5.8.2
  • HIGH7.5CVE-2021-30638Information Exposure in Apache Tapestry
    >= 5.4.0, < 5.6.4
  • HIGH7.5CVE-2019-0207Path traversal attack on Windows platforms
    >= 5.4.0, < 5.4.5
  • MEDIUM5.3CVE-2020-13953Improper file downloads in Apache Tapestry
    >= 5.4.0, < 5.6.0
  • CVE-2014-1972Apache Tapestry Unsafe Object Storage
    from 0, < 5.3.6
  • CVE-2021-27850Remote code execution in Apache Tapestry
    >= 5.4.0, < 5.6.3