Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/02/18 1:45 a.m.59 views

Security Bulletin: Vulnerabilities in Apache Struts affect the IBM FlashSystem models 840 and 900 (CVE-2016-0785 CVE-2016-2162)

Summary Open Source Apache Struts vulnerabilities were disclosed in March 2016. Struts is used by IBM® FlashSystem™ 840 and IBM FlashSystem 900 in its Service Assistant GUI. Vulnerability Details CVEID: CVE-2016-0785 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary co...

9CVSS8.1AI score0.08812EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 1:5 a.m.15 views

Apache Struts forced double OGNL evaluation

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

9CVSS7.8AI score0.0802EPSS
Exploits0References4Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/14 12:52 a.m.7 views

com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=2.0.2 <=2.0.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (>=2.0.2 <=2.0.4) +42 more potentially affected by CVE-2016-0785 via org.apache.struts:struts2-core (>=2.3.24 <=2.3.24.1)

org.apache.struts:struts2-core MAVEN version =2.3.24, =2.0.2, =2.0.2, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24.1 and more Source cves: CVE-2016-0785 Source advisory: OSV:GHSA-876P-4WGC-75RX...

9CVSS7.2AI score0.08812EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 12:52 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +214 more potentially affected by CVE-2016-0785 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-0785 Source advisory: OSV:GHSA-876P-4WGC-75RX...

9CVSS7.2AI score0.08812EPSS
Exploits0
F5 Networks
F5 Networks
added 2016/04/25 12:0 a.m.251 views

SOL17588029 - Apache Struts vulnerabilities CVE-2016-0785, CVE-2016-2162, CVE-2016-3081, CVE-2016-3082, and CVE-2016-4003

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.9AI score0.9373EPSS
Exploits12References4
Rows per page
Query Builder