CVE-2021-27850
Deserialization of Untrusted Data in maven/org.apache.tapestry/tapestry-core
Identifiers
CVE-2021-27850
Package Slug
maven/org.apache.tapestry/tapestry-core
Vulnerability
Deserialization of Untrusted Data
Description
A critical unauthenticated remote code execution vulnerability was found in Apache Tapestry.
Affected Versions
All versions starting from 5.4.0 before 5.6.2, all versions starting from 5.7.0 before 5.7.1
Solution
Upgrade to versions 5.6.2, 5.7.1 or above.
Last Modified
2021-04-23
| source |