Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2018/10/16 7:35 p.m.4 views

org.apache.struts:struts2-assembly (>=2.5.1 <=2.5.14.1), org.apache.struts:struts2-rest-showcase (>=2.5.1 <=2.5.14.1) potentially affected by CVE-2017-15707 via org.apache.struts:struts2-rest-plugin (>=2.5.1 <=2.5.14.1)

org.apache.struts:struts2-rest-plugin MAVEN version =2.5.1, =2.5.1, =2.5.1, =2.5.14.1 Source cves: CVE-2017-15707 Source advisory: OSV:GHSA-XCRM-QPP8-HCW4...

6.2CVSS6.7AI score0.04889EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:5 p.m.29 views

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected by a Public disclosed vulnerability from Apache Struts vulnerability (CVE-2017-15707)

Summary IBM Security Guardium Database Activity Monitor has addressed the following vulnerability Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST...

6.2CVSS0.9AI score0.04889EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 2:19 p.m.51 views

Security Bulletin: A vulnerability in Struts affects IBM InfoSphere Metadata Workbench

Summary A Struts vulnerability affects IBM InfoSphere Metadata Workbench. Vulnerability Details CVEID: CVE-2017-15707 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted JSON request using outdated json-lib with the Struts REST plugin, a remote attacker...

6.2CVSS1.9AI score0.04889EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/12/04 12:0 a.m.91 views

Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspecified DoS (S2-054) (S2-055)

The version of Apache Struts running on the remote host is 2.5.x prior to 2.5.14.1. It is, therefore, affected by an unspecified flaw that is triggered when parsing JSON. This allows a remote attacker to cause a denial of service. Note that Nessus has not tested for these issues but has instead...

9.8CVSS7.5AI score0.37925EPSS
Exploits9References5
CVE
CVE
added 2017/12/01 4:0 p.m.105 views

CVE-2017-15707

Apache Struts REST plugin (versions 2.5–2.5.14) is vulnerable due to the REST plugin using an outdated JSON-lib library, enabling a remote attacker to cause a denial of service by sending a specially crafted JSON payload. Vulnerable component: Struts 2.x with REST plugin; root cause: insecure JSO...

6.2CVSS6.2AI score0.04889EPSS
Exploits2References6Affected Software1
seebug.org
seebug.org
added 2017/12/01 12:0 a.m.45 views

Apache Struts2 S2-054(CVE-2017-15707)

Summary A crafted JSON request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...

5CVSS2.1AI score0.04889EPSS
Exploits2
Rows per page
Query Builder