Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

F5 Networks
F5 Networksadded 2023/02/21 6:53 p.m.70 views

K12542008: Apache Struts vulnerabilities CVE-2017-9793 and CVE-2017-9804

Security Advisory Description CVE-2017-9793 The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload. CVE-2017-9804 In Apache Stru...

7.5CVSS7AI score0.07937EPSS
Exploits22
Github Security Blog
Github Security Blogadded 2018/10/16 7:37 p.m.45 views

Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this...

7.5CVSS6.5AI score0.04618EPSS
Exploits22References10Affected Software1
Prion
Prionadded 2017/09/20 5:29 p.m.28 views

Code injection

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this...

5CVSS6.9AI score0.94322EPSS
Exploits23References7Affected Software1
NVD
NVDadded 2017/09/20 5:29 p.m.21 views

CVE-2017-9804

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this...

7.5CVSS6AI score0.04618EPSS
Exploits22References7
Cvelist
Cvelistadded 2017/09/20 5:0 p.m.26 views

CVE-2017-9804

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this...

6.6AI score0.04618EPSS
Exploits22References7
RedhatCVE
RedhatCVEadded 2017/09/05 2:19 p.m.40 views

CVE-2017-9804

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this...

7.5CVSS2.8AI score0.04618EPSS
Exploits22References2
OpenVAS
OpenVASadded 2017/07/18 12:0 a.m.36 views

Apache Struts Security Update (S2-047)

Apache Struts is prone to a denial of service DoS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.9CVSS6.4AI score0.01346EPSS
Exploits22References2
Rows per page
Query Builder