com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.0.5-RELEASE), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=2.5.1) +73 more potentially affected by CVE-2016-4465 via org.apache.struts:struts2-core (>=2.5.1 <=2.5.12)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.0.3-RELEASE, =0.9.4, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.12 - org.apache.struts:struts2-java8-support-plugin =2.5.1 and more Source cves: CVE-2016-4465 Source advisory: OSV:GHSA-XG75-68X3-7P3Q...

com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +62 more potentially affected by CVE-2016-4465 via org.apache.struts:struts2-core (>=2.3.20 <=2.3.28.1)

org.apache.struts:struts2-core MAVEN version =2.3.20, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =2.0.1, =2.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.7 - com.weicoder:frame =1.1.0 and more Source cves: CVE-2016-4465 Source advisory: OSV:GHSA-XG75-68X3-7P3Q...

Apache Struts 2.3.20 < 2.3.29 / 2.5.x < 2.5.13 Denial of Service Vulnerability (S2-041)

The version of Apache Struts running on the remote Windows host is 2.3.20 prior to 2.3.29 or 2.5.x 2.5.13. It is, therefore, affected by a denial of service vulnerability in URLValidator due to improper handling of form fields. An unauthenticated, remote attacker can exploit this, via a crafted...

Apache Struts Security Update (S2-041)

Apache Struts is prone to a Denial of Service DoS vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache Struts DoS Vulnerability (S2-041) - Linux

Apache Struts is prone to a Denial of Service DoS vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Apache Struts URLValidator Denial of Service (CVE-2016-4465)

A denial of service vulnerability exists in Apache Struts URLValidator. The vulnerability is due to insufficient validation of crafted URLs by the URLValidator. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a Struts 2 application...

CVE-2016-4465

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field...

CVE-2016-4465

CVE-2016-4465 affects Apache Struts 2, specifically the URLValidator. Versions 2.3.20–2.3.28.1 and 2.5.x before 2.5.1 are vulnerable to denial of service when a null value is submitted for a URL field, due to improper validation. The issue is caused by URLValidator handling flaws that allow an un...

CVE-2016-4465

The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field...