VYPR
Medium severity5.3NVD Advisory· Published Oct 3, 2017· Updated Jun 17, 2026

CVE-2014-0043

CVE-2014-0043

Description

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.wicket:wicket-coreMaven
>= 1.5-RC1, < 1.5.111.5.11
org.apache.wicket:wicket-coreMaven
>= 6.0.0-beta1, < 6.14.06.14.0

Affected products

4
  • Apache/Wicket2 versions
    cpe:2.3:a:apache:wicket:1.5.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apache:wicket:1.5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.13.0:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 1.5-RC1, < 1.5.11
  • Apache Software Foundation/Apache Wicketv5
    Range: 1.5.10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.