VYPR

Maven package

org.apache.tapestry/tapestry-project

pkg:maven/org.apache.tapestry/tapestry-project

Vulnerabilities (1)

  • CVE-2020-17531Dec 8, 2020
    affected >= 4.0, < 5.0.1fixed 5.0.1

    A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 an