CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13953

In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.0%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-13953

Apache » Tapestry » Version: 5.4.0

cpe:2.3:a:apache:tapestry:5.4.0
Apache » Tapestry » Version: 5.4.1

cpe:2.3:a:apache:tapestry:5.4.1
Apache » Tapestry » Version: 5.4.2

cpe:2.3:a:apache:tapestry:5.4.2
Apache » Tapestry » Version: 5.4.3

cpe:2.3:a:apache:tapestry:5.4.3
Apache » Tapestry » Version: 5.4.4

cpe:2.3:a:apache:tapestry:5.4.4
Apache » Tapestry » Version: 5.4.5

cpe:2.3:a:apache:tapestry:5.4.5
Apache » Tapestry » Version: 5.5.0

cpe:2.3:a:apache:tapestry:5.5.0
Apache » Tapestry » Version: 5.6.0

cpe:2.3:a:apache:tapestry:5.6.0
Apache » Tapestry » Version: 5.6.1

cpe:2.3:a:apache:tapestry:5.6.1
Apache » Tapestry » Version: 5.6.2

cpe:2.3:a:apache:tapestry:5.6.2
Apache » Tapestry » Version: 5.6.3

cpe:2.3:a:apache:tapestry:5.6.3
Apache » Tapestry » Version: 5.7.0

cpe:2.3:a:apache:tapestry:5.7.0
Apache » Tapestry » Version: 5.7.1

cpe:2.3:a:apache:tapestry:5.7.1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved