VYPR
High severity7.5NVD Advisory· Published Oct 30, 2017· Updated Jun 17, 2026

CVE-2014-3526

CVE-2014-3526

Description

Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.wicket:wicket-coreMaven
< 1.5.121.5.12
org.apache.wicket:wicket-coreMaven
>= 6.0, < 6.17.06.17.0
org.apache.wicket:wicket-coreMaven
>= 7.0.0-M1, < 7.0.0-M37.0.0-M3

Affected products

27
  • Apache/Wicket26 versions
    cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*range: >=1.5.0,<1.5.12
    • cpe:2.3:a:apache:wicket:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.0.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.14.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.15.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.16.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:6.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:7.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:7.0.0:milestone1:*:*:*:*:*:*
    • cpe:2.3:a:apache:wicket:7.0.0:milestone2:*:*:*:*:*:*
  • ghsa-coords
    Range: < 1.5.12

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.