Monthly archive for February 2014

CVE-2013-2055 - Apache Wicket Information disclosure vulnerability

06 Feb 2014

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.4.22, 1.5.10 and 6.7.0

Description: It is possible to make Wicket deliver the HTML templates in their raw/non-processed form. An attacker could see any sensitive information in the part of the HTML template that is usually ignored during rendering. For example if th...

more

Wicket 1.4.23 released

06 Feb 2014

This is twenty thirdth release of the Wicket 1.4.x series. This is a security bugfix release on the 1.4.x branch. Read CVE-2013-2055 for more information.

<dependency>
    ...
more

Wicket 1.5.11 released

06 Feb 2014

This is the eleventh maintenance release of the Wicket 1.5.x series. This release brings over 34 bug fixes and improvements.

<dependency>
    <groupId>org.apache.wick...
more

Apache Wicket 6.14.0 released

20 Feb 2014

The Apache Wicket PMC is proud to announce Apache Wicket 6.14.0!

This release marks the fourteenth minor release of Wicket 6. Starting with Wicket 6 we us...

more

CVE-2014-0043 - Apache Wicket Information disclosure vulnerability

21 Feb 2014

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Wicket 1.5.10 and 6.13.0

Description:

By issuing requests to special urls handled by Wicket it is possible to check for the existence of particular classes in the classpath and thus check wheth...

more
js29金沙