7 matches found
EUVD-2022-4305
Malicious code in bioql PyPI...
Critical Apache Struts File Upload Vulnerability (CVE-2024-53677)—Risks, Implications, and Enterprise Countermeasures
Apache has announced a critical vulnerability affecting Apache Struts (CVE-2024-53677), a widely used Java-based web application framework. Struts is integral to many enterprise environments due to its robust architecture, extensive data validation capabilities, and seamless integration with other...
K15282: Apache Struts vulnerability CVE-2014-0114
Security Advisory Description: The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method. (CVE-2014-0114) Impact: A remote attacker may be able to...
Apache Struts Security Update (S2-061) - Active Check
Apache Struts is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2016-0785
Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation...
Updated struts packages fix CVE-2014-0114
Updated struts packages fix security vulnerability: It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running...
Important: Red Hat Security Advisory: struts security update
Updated struts packages that fix one security issue are now available for Red Hat Network Satellite 5.4 and 5.5, and Red Hat Satellite 5.6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which...