109 matches found
org.apache.struts:struts2-assembly (>=2.5.1 <=2.5.12), org.apache.struts:struts2-rest-showcase (>=2.5.1 <=2.5.12) potentially affected by CVE-2017-9793 +1 more via org.apache.struts:struts2-rest-plugin (>=2.5.1 <=2.5.12)
org.apache.struts:struts2-rest-plugin MAVEN version =2.5.1, =2.5.1, =2.5.1, =2.5.12 Source cves: CVE-2017-9793, CVE-2017-9805 Source advisory: OSV:GHSA-VWXJ-6M5M-RRVH...
org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.33), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.33) +5 more potentially affected by CVE-2017-9793 +1 more via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.33)
org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2017-9793, CVE-2017-9805 Source advisory: OSV:GHSA-VWXJ-6M5M-RRVH...
The REST Plugin in Apache Struts is using an outdated XStream library
The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...
GHSA-VWXJ-6M5M-RRVH The REST Plugin in Apache Struts is using an outdated XStream library
The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...
org.apache.struts:struts2-assembly (>=2.5.1 <=2.5.14.1), org.apache.struts:struts2-rest-showcase (>=2.5.1 <=2.5.14.1) potentially affected by CVE-2017-15707 via org.apache.struts:struts2-rest-plugin (>=2.5.1 <=2.5.14.1)
org.apache.struts:struts2-rest-plugin MAVEN version =2.5.1, =2.5.1, =2.5.1, =2.5.14.1 Source cves: CVE-2017-15707 Source advisory: OSV:GHSA-XCRM-QPP8-HCW4...
GHSA-XCRM-QPP8-HCW4 Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...
org.apache.struts:struts2-assembly (>=2.2.1 <=2.5.14.1), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.5.14.1) +5 more potentially affected by CVE-2018-1327 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.5.14.1)
org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2018-1327 Source advisory: OSV:GHSA-38CR-2PH5-FRR9...
GHSA-38CR-2PH5-FRR9 Apache Struts REST Plugin can potentially allow a DoS attack
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Apache Struts REST Plugin can potentially allow a DoS attack
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Apache Struts REST Plugin OGNL Expression Handling RCE
Remote command execution vulnerability in Apache Struts REST Plugin OGNL expression handling Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
Apache Struts2 REST Plugin XStream DoS (CVE-2017-9793) - Ver2
A vulnerability exists in Apache. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Denial Of Service (DoS)
Apache Struts REST plugin is vulnerable to denial of service DoS attacks. The application uses a version of the xstream library before version 1.4.10, which can crash when attempting to unmarshal void. This is related to CVE-2017-7957...
CVE-2018-1327
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Design/Logic Flaw
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
CVE-2018-1327
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
CVE-2018-1327
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
CVE-2018-1327
CVE-2018-1327 affects the Apache Struts REST Plugin via the XStream deserialization path, enabling a remote DoS when a malicious XML payload is processed. The advisory chain shows that upgrading to Struts 2.5.16 and switching to the optional Jackson XML handler (or implementing a custom XML handl...
CVE-2018-1327
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here...
Apache Struts2 S2-056(CVE-2018-1327)
Summary A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...
BSA-2018-588
Security Advisory ID : BSA-2018-588 Component : Apache Strusts2 Revision : 2.0: Final In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...