3 matches found
Security Advisory - Remote Code Execution Vulnerability in Jackson JSON library of Apache Struts2
Apache Struts2 released a remote code execution vulnerability in S2-055 on the official website. An attacker is possible to perform a Remote Code Execution RCE attack with a malicious JSON packet. Vulnerability ID: HWPSIRT-2017-12002 This vulnerability has been assigned a Common Vulnerabilities a...
Apache Struts 2.5.x < 2.5.14.1 Json-lib JSON Parsing Unspecified DoS (S2-054) (S2-055)
The version of Apache Struts running on the remote host is 2.5.x prior to 2.5.14.1. It is, therefore, affected by an unspecified flaw that is triggered when parsing JSON. This allows a remote attacker to cause a denial of service. Note that Nessus has not tested for these issues but has instead...
Apache Struts2 S2-055 DoS Vulnerability
Exploit for multiple platform in category dos / poc Summary Vulnerability in the Jackson JSON library Who should read this All Struts 2 developers and users which are using the REST plugin Impact of vulnerability Not clear, please read the linked issue for more details...