CVE-2014-0043
Description
In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
1.514
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2014-0043 are fixed in Apache-wicket-core 1.5.11 | Windows |
| Vulnerabilities CVE-2014-0043 are fixed in Apache-wicket-core 6.14.0 | Windows |
| Vulnerabilities CVE-2014-0043 are fixed in Apache-wicket-core for Linux 1.5.11 | Linux |
| Vulnerabilities CVE-2014-0043 are fixed in Apache-wicket-core for Linux 6.14.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234