
109 matches found

RedhatCVE
added 2017/12/06 1:53 p.m., 25 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

CVSS 7.5, AI score 3.9, EPSS 0.04889
Exploits: 2, References: 2
OpenVAS
added 2017/12/05 12:0 a.m., 54 views

Apache Struts 'REST' Plugin Multiple Vulnerabilities (S2-054, S2-055) - Linux

Apache Struts is prone to multiple vulnerabilities. This VT has been deprecated and merged into the VT...

CVSS 9.8, AI score 8.6, EPSS 0.37925
Exploits: 9, References: 4
Veracode
added 2017/12/04 1:11 a.m., 23 views

Denial Of Service (DoS)

struts2-rest-plugin is vulnerable to denial of service DoS attacks. These attacks are possible through the use of a vulnerable version of the json-lib library. Attackers can trigger a DoS attack using a JSON payload which causes a memory leak to occur...

CVSS 6.2, AI score 6.6, EPSS 0.04889
Exploits: 2, References: 7, Affected Software: 3
UbuntuCve
added 2017/12/01 4:29 p.m., 24 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

CVSS 6.2, AI score 6.8, EPSS 0.04889
Exploits: 2, References: 2
Prion
added 2017/12/01 4:29 p.m., 19 views

Design/Logic Flaw

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

CVSS 5, AI score 6.3, EPSS 0.04889
Exploits: 2, References: 6, Affected Software: 10
OSV
added 2017/12/01 4:29 p.m., 24 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

CVSS 6.2, AI score 9.4
Exploits: 0, References: 6
Cvelist
added 2017/12/01 4:0 p.m., 35 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

AI score 7.6, EPSS 0.04889
Exploits: 2, References: 6
CVE
added 2017/12/01 4:0 p.m., 102 views

CVE-2017-15707

Apache Struts REST plugin (versions 2.5–2.5.14) is vulnerable due to the REST plugin using an outdated JSON-lib library, enabling a remote attacker to cause a denial of service by sending a specially crafted JSON payload. Vulnerable component: Struts 2.x with REST plugin; root cause: insecure JSO...

CVSS 6.2, AI score 6.2, EPSS 0.04889
Exploits: 2, References: 6, Affected Software: 1
seebug.org
added 2017/12/01 12:0 a.m., 42 views

Apache Struts2 S2-054(CVE-2017-15707)

Summary: A crafted JSON request can be used to perform a DoS attack when using the Struts REST plugin. Who should read this: All Struts 2 developers and users which are using the REST plugin. Impact of vulnerability: A DoS attack is possible when using...

CVSS 5, AI score 2.1, EPSS 0.04889
Exploits: 2
seebug.org
added 2017/12/01 12:0 a.m., 113 views

Apache Struts2 S2-055(CVE-2017-7525)

Summary: Vulnerability in the Jackson JSON library. Who should read this: All Struts 2 developers and users which are using the REST plugin. Impact of vulnerability: Not clear, please read the linked issue for more details...

AI score 1.4, EPSS 0.37925
Exploits: 7
UbuntuCve
added 2017/09/20 5:29 p.m., 32 views

CVE-2017-9793

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...

CVSS 7.5, AI score 7.2, EPSS 0.07268
Exploits: 0, References: 2
Prion
added 2017/09/20 5:29 p.m., 27 views

Design/Logic Flaw

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...

CVSS 5, AI score 7, EPSS 0.99461
Exploits: 23, References: 7, Affected Software: 1
OSV
added 2017/09/20 5:29 p.m., 37 views

CVE-2017-9793

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...

CVSS 7.5, AI score 8.2, EPSS 0.99461
Exploits: 23, References: 7
CVE
added 2017/09/20 5:0 p.m., 125 views

CVE-2017-9793

CVE-2017-9793 affects Apache Struts 2 REST plugin in 2.1.x and 2.3.x/2.5.x branches where an outdated XStream library is used, enabling DoS via a crafted XML payload during deserialization. The related connected sources corroborate a broader issue with the Struts REST plugin using XStream without...

CVSS 7.5, AI score 7.4, EPSS 0.07268
Exploits: 0, References: 7, Affected Software: 1
Cvelist
added 2017/09/20 5:0 p.m., 31 views

CVE-2017-9793

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload...

AI score 7.7, EPSS 0.07268
Exploits: 0, References: 7
Check Point Advisories
added 2017/09/18 12:0 a.m., 3 views

Apache Struts 2 REST Plugin XStream Denial of Service (CVE-2017-9793)

A denial-of-service vulnerability exists in the Apache Struts 2 REST plugin. The vulnerability is due to improper validation of XML input by the XStream library during the deserialization process. A remote attacker could exploit this vulnerability by sending a crafted XML payload to the target serv...

CVSS 5, AI score 3.5, EPSS 0.07268
Exploits: 0
NVD
added 2017/09/15 7:29 p.m., 36 views

CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

CVSS 8.1, AI score 8.5, EPSS 0.99461
Exploits: 23, References: 13
CVE
added 2017/09/15 7:0 p.m., 1486 views

CVE-2017-9805

CVE-2017-9805 affects the Apache Struts 2 REST plugin. The REST plugin uses an XStreamHandler with an XStream instance to deserialize XML without any type filtering, enabling remote code execution when processing crafted XML payloads. Affected versions are Struts 2.1.1–2.3.x before 2.3.34 and 2.5...

CVSS 8.1, AI score 8.4, EPSS 0.99461
In wild, Exploits: 23, References: 13, Affected Software: 1
BDU FSTEC
added 2017/09/15 12:0 a.m., 4 views

The vulnerability of the REST plugin of the Apache Struts software framework, which allows a hacker to execute arbitrary code.

The vulnerability of the REST plugin for the Apache Struts software platform exists due to the lack of filtering during deserialization of XML payloads. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

CVSS 7.6, AI score 7.6, EPSS 0.99461
Exploits: 23, References: 6, Affected Software: 1
myhack58
added 2017/09/11 12:0 a.m., 56 views

Struts2 new flaws vulnerability bug(S2-052 presents the use case, and face the vulnerability flaws of the enterprise-the race against time-vulnerability warning-the black bar safety net

Prior to the black bar safety net it S2-052)vulnerabilities done in a special thematic report, I believe we also have understand! Recently from the Cisco Talos experimental study of the analysis chamber and NVISO laboratory for the research staff also found that there was an attacker of real use ...

AI score 7.2
Exploits: 0