Monthly archive for February 2014
CVE-2013-2055 - Apache Wicket Information disclosure vulnerability
06 Feb 2014
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Wicket 1.4.22, 1.5.10 and 6.7.0
Description: It is possible to make Wicket deliver the HTML templates in their raw/non-processed form. An attacker could see any sensitive information in the part of the HTML template that is usually ignored during rendering. For example if th...
moreWicket 1.4.23 released
06 Feb 2014
This is twenty thirdth release of the Wicket 1.4.x series. This is a security bugfix release on the 1.4.x branch. Read CVE-2013-2055 for more information.
- Git tag
- To use in Maven:
<dependency>
...Wicket 1.5.11 released
06 Feb 2014
This is the eleventh maintenance release of the Wicket 1.5.x series. This release brings over 34 bug fixes and improvements.
<dependency>
<groupId>org.apache.wick...Apache Wicket 6.14.0 released
20 Feb 2014
The Apache Wicket PMC is proud to announce Apache Wicket 6.14.0!
This release marks the fourteenth minor release of Wicket 6. Starting with Wicket 6 we us...
moreCVE-2014-0043 - Apache Wicket Information disclosure vulnerability
21 Feb 2014
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Apache Wicket 1.5.10 and 6.13.0
Description:
By issuing requests to special urls handled by Wicket it is possible to check for the existence of particular classes in the classpath and thus check wheth...
more