1986 matches found
Security Bulletin: Vulnerabilities in Apache Struts affect IBM Tivoli Application Dependency Discovery Manager. (CVE-2023-34396, CVE-2023-34149)
Summary Vulnerabilities in Apache Struts affect IBM Tivoli Application Dependency Discovery Manager CVE-2023-34396, CVE-2023-34149 Vulnerability Details CVEID:CVE-2023-34396 DESCRIPTION: Apache Struts is vulnerable to a denial of service, caused by a flaw when processing Multipart request...
The vulnerability of the Apache Struts software platform, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Apache Struts software platform is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the Apache Struts software platform, related to unlimited resource distribution, allows attackers to cause service failures.
The vulnerability of the Apache Struts software platform is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...
K000135251: Apache Struts vulnerability CVE-2023-34396
Security Advisory Description Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater CVE-2023-34396 Impact There is no impact; F5...
K000135156: Apache Struts vulnerability CVE-2023-34149
Security Advisory Description Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater. CVE-2023-34149 Impact There is no impact; F...
Apache Struts Denial of Service Vulnerability (CNVD-2023-55422)
Apache Struts is the United States Apache Apache Foundation, an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications , mainly provides two versions of the framework products , Struts 1 and Struts 2. Apache Struts denial of service...
Apache Struts Denial of Service Vulnerability (CNVD-2023-55432)
Apache Struts is the United States Apache Apache Foundation, an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications , mainly provides two versions of the framework products , Struts 1 and Struts 2. Apache Struts there is a denial of...
SUSE CVE-2023-34396
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
GHSA-4G42-GQRG-4633 Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory OOM owing to no sanity limit on normal form fields in multipart forms. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to an OOM if developer has set...
GHSA-8F6X-V685-G2XC Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory OOM owing to not properly checking of list bounds. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to OOM if developer has set struts.multipart.maxSize to a...
Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory OOM owing to no sanity limit on normal form fields in multipart forms. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to an OOM if developer has set...
Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory OOM owing to not properly checking of list bounds. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to OOM if developer has set struts.multipart.maxSize to a...
CVE-2023-34149
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
CVE-2023-34149
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
CVE-2023-34396
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
CVE-2023-34396
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
Code injection
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
CVE-2023-34149
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
Code injection
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...
CVE-2023-34396
Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater...