VulnerableCode Package Details - pkg:deb/debian/tiles@3.0.7-4?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/tiles@3.0.7-4?distro=trixie

Essentials
History (3)

purl	pkg:deb/debian/tiles@3.0.7-4?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-eury-mu1z-w3bp	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.	CVE-2009-1275 GHSA-2c6q-rgvj-66rx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:53:26.310947+00:00	Debian Importer	Fixing	VCID-eury-mu1z-w3bp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:07:01.245388+00:00	Debian Importer	Fixing	VCID-eury-mu1z-w3bp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:55:17.591791+00:00	Debian Importer	Fixing	VCID-eury-mu1z-w3bp	https://security-tracker.debian.org/tracker/data/json	38.1.0