Lucene search
K

5 matches found

SUSE Linux
SUSE Linux
added 2026/05/18 7:42 a.m.22 views

Security update for python3

This update for python3 fixes the following issue: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970. CVE-2026-4786: URLs prefixe...

9.1CVSS7.4AI score0.00579EPSS
Exploits1References20
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.5 views

SUSE CVE-2013-2251

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted 1 action:, 2 redirect:, or 3 redirectAction: prefix...

9.8CVSS8.1AI score0.99998EPSS
Exploits18References4
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.11 views

The vulnerability of the implementation of the DefaultActionMapper mechanism in the Apache Struts software framework allows attackers to circumvent security restrictions.

The vulnerability of the DefaultActionMapper mechanism implemented by the Apache Struts software platform is related to deficiencies in access control when processing the ‘action: prefix’ parameter. Exploiting this vulnerability allows an attacker to bypass security restrictions while operating...

7.2CVSS7.7AI score0.07457EPSS
Exploits1References5Affected Software5
OSV
OSV
added 2022/05/17 4:44 a.m.1 views

GHSA-Q5Q8-JGHF-3PM3 Apache Struts2 Broken Access Control Vulnerability

The Struts 2 action mapping mechanism supports the special parameter prefix action: which is intended to help with attaching navigational information to buttons within forms, under certain conditions this can be used to bypass security constraints. In Struts 2.3.15.3 the action mapping mechanism...

5.8CVSS7.2AI score0.07457EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2013/10/18 1:24 p.m.17 views

Apache Struts Update Patches Two Vulnerabilities

The group behind Apache have pushed out a new version of Struts, fixing two issues in the framework that were giving developers difficulties over the past several weeks. The Apache Software Foundation posted version 2.3.15.3 of the framework online Tuesday. The release fixes an access control...

7.7AI score
Exploits0References5
Rows per page
Query Builder