CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-0043

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://lists.apache.org/thread.html/d95e962f2f059a09f5abf7086c3f4ed22d2ae2c21499d0de95d4435d%401392986987%40%3Cannounce.wicket.apache.org%3E
https://lists.apache.org/thread.html/d95e962f2f059a09f5abf7086c3f4ed22d2ae2c21499d0de95d4435d%401392986987%40%3Cannounce.wicket.apache.org%3E

Products affected by CVE-2014-0043

Apache » Wicket » Version: 1.5.10

cpe:2.3:a:apache:wicket:1.5.10
Apache » Wicket » Version: 6.13.0

cpe:2.3:a:apache:wicket:6.13.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0043

Products

Pricing

Contact Us