Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2016-3093

Summary IBM TRIRIGA Application Platform discloses CVE-2016-3093 Vulnerability Details CVEID:CVE-2016-3093 DESCRIPTION: Apache Struts is vulnerable to a denial of service, caused by the improper implementation of cache used to store method references by the OGNL expression language. An attacker...

berkano:bean-displaytag (>=20050615.234814 <=20050616.015551), berkano:berkano-util (>=dev-20050722 <=dev-20050723) +877 more potentially affected by CVE-2016-3093 via ognl:ognl (>=2.5.1 <=3.0.11)

ognl:ognl MAVEN version =2.5.1, =20050615.234814, =dev-20050722, =2.0, =1.0.1, =1.0.0, =1.0.1, =3.1.1, =1.0.0, =1.0.0, =2.0.0, =1.2.4, =3.0.1 - ca.stellardrift.guice-backport.extensions:guice-struts2 =5.0.1 and more Source cves: CVE-2016-3093 Source advisory: OSV:GHSA-383P-XQXX-RRMP...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +216 more potentially affected by CVE-2016-3093 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.24.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-3093 Source advisory: OSV:GHSA-383P-XQXX-RRMP...

Security Bulletin: IBM Sterling Order Management is affected by Apache Struts 2 security vulnerabilities (CVE-2016-3093 , CVE-2016-4436)

Summary IBM Sterling Order Management uses Apache Struts 2 and is affected by some of the vulnerabilities that exist in Apache Struts 2 Vulnerability Details CVEID: CVE-2016-3093 DESCRIPTION: Apache Struts is vulnerable to a denial of service, caused by the improper implementation of cache used t...

SOL23432135 - Apache Struts 2 vulnerability CVE-2016-3093

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVE-2016-3093

Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service block access to a web site via unspecified vectors...

CVE-2016-3093

CVE-2016-3093 affects Apache Struts 2.0.0–2.3.24.1. The vulnerability is due to improper caching of method references when OGNL is used, enabling a remote attacker to cause a denial of service (block access to a website). Several connected advisories corroborate the issue and label the impact as ...