QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2014-0043

Back to search

CVE-2014-0043

Published: Oct 2, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.

VendorProductVersions

Apache Software Foundation

Apache Wicket

affected
1.5.10
affected
6.13.0

References

[wicket-announce] 20140221 CVE-2014-0043
mailing-list
x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now