On Mon, Oct 7, 2019 at 11:39 AM Nourredine K.
wrote:
> Hello Thiago,
>
Hello!
> Same question here.
>
> Does this CVE concern only Tapestry 5.4 ? What about 5.3 ?
>
Versions affected: all Apache Tapestry versions between 5.4.0, including
its betas, and 5.4.3.
--
Thiago
Hello Thiago,
Same question here.
Does this CVE concern only Tapestry 5.4 ? What about 5.3 ?
Regards,
Nouredine
Le ven. 13 sept. 2019 à 17:02, Thiago H. de Paula Figueiredo <
thiag...@gmail.com> a écrit :
> I'm afraid I've mad an error. It should have been CVE-2019-10071: New Issue
> in Fix
I'm afraid I've mad an error. It should have been CVE-2019-10071: New Issue
in Fix for CVE-2014-1972
On Fri, Sep 13, 2019 at 11:39 AM Thiago H. de Paula Figueiredo <
thiag...@gmail.com> wrote:
> CVE-2019-0207: Apache Tapestry 5.4.2 Path Traversal vulnerability
> Severity: important
> Vendor: The
CVE-2019-0207: Apache Tapestry 5.4.2 Path Traversal vulnerability
Severity: important
Vendor: The Apache Software Foundation
Versions affected: all Apache Tapestry versions between 5.4.0, including
its betas, and 5.4.3.
Description: The code which checks HMAC in form submissions used
String.equals
