Linux Distros Unpatched Vulnerability : CVE-2022-40151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may...

Apache Struts 2 REST Plugin XStream XML Request Deserialization RCE

The remote web application appears to use the Apache Struts 2 web framework. A remote code execution vulnerability exists in the REST plugin, which uses XStreamHandler to insecurely deserialize user-supplied input in XML requests. An unauthenticated, remote attacker can exploit this, via a...

Apache Struts 2.1.x >= 2.1.2 / 2.2.x / 2.3.x < 2.3.34 / 2.5.x < 2.5.13 Multiple Vulnerabilities (S2-050 - S2-053)

The version of Apache Struts running on the remote host is 2.1.x subsequent or equal to 2.1.2, 2.2.x, 2.3.x prior to 2.3.34, or 2.5.x prior to 2.5.13. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability in the REST plugin. The Struts REST plugin uses an...

CVE-2022-40154

Removed by vendor...