4 matches found
K65065347: Apache Struts vulnerability CVE-2018-1327
Security Advisory Description The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as...
org.apache.struts:struts2-assembly (>=2.2.1 <=2.5.14.1), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.5.14.1) +5 more potentially affected by CVE-2018-1327 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.5.14.1)
org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2018-1327 Source advisory: OSV:GHSA-38CR-2PH5-FRR9...
Security Bulletin: Public disclosed vulnerability from Apache Struts affects IBM Platform Application Center.
Summary Public disclosed vulnerability from Apache Struts affects IBM Platform Application Center. Vulnerability Details CVEID: CVE-2018-1327 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted XML request using the XStream handler with the Struts REST...
Apache Struts2 S2-056(CVE-2018-1327)
Summary A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...