Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Critical Security Advisories for org.apache.struts:struts2-core Clear Filters

Critical
8 months ago

Apache Struts file upload logic is flawed GSA_kwCzR0hTQS00M21xLTZ4bWctMjl2bc4ABCSU

maven org.apache.struts:struts2-core
Critical
over 1 year ago

Apache Struts vulnerable to path traversal GSA_kwCzR0hTQS0yajM5LXFjam0tNDI4d84AA3mt

maven org.apache.struts:struts2-core
Critical
about 3 years ago

Remote Code Execution in Apache Struts GSA_kwCzR0hTQS1wdm05LTI4OGMtdjV3cc4AAdBO

maven org.apache.struts:struts2-core
Critical
about 3 years ago

Apache Struts improper action name cleanup GSA_kwCzR0hTQS14bTkyLXYybXEtODQycc4AAa4Q

maven org.apache.struts:struts2-core
Critical
about 3 years ago

Apache Struts vulnerable to arbitrary remote code execution due to improper input validation GSA_kwCzR0hTQS1tbWo2LWNqajQtaHByNc4AATRH

maven org.apache.struts:struts2-core
Critical
about 3 years ago

Arbitrary code execution in Apache Struts 2 GSA_kwCzR0hTQS00cHJqLXZ3OWotdjZwcs4AATRG

maven org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
Critical
over 3 years ago

Struts ParameterInterceptor vulnerability allows remote command execution GSA_kwCzR0hTQS1qNjhmLThoNnAtOWg1cc0-5A

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Expression Language Injection in Apache Struts GSA_kwCzR0hTQS12OGo2LTZjMnItcjI3Y807Ew

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Remote code execution in Apache Struts MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjMzUtcTM2OS00NXB2

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q

maven org.apache.struts:struts2-core
Critical
almost 7 years ago

Apache Struts vulnerable to remote arbitrary command execution due to improper input validation MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3N3EtMnFxZy02OTg5

maven org.apache.struts:struts2-core
Critical
almost 7 years ago

Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmeDktNWh4OC1jcmht

maven org.apache.struts:struts2-core

Filter by Severity

Moderate 10,068 High 8,040 Critical 3,303 Low 1,444

Filter by Ecosystem

npm 1,006 maven 952 packagist 591 pypi 509 go 317 cargo 165 rubygems 119 nuget 70 actions 6 hex 5 swift 2

Filter by Package

magento/community-edition 38 dolibarr/dolibarr 25 com.fasterxml.jackson.core:jackson-databind 24 com.liferay.portal:release.dxp.bom 20 org.jenkins-ci.main:jenkins-core 19 net.mingsoft:ms-mcms 19 salt 17 com.liferay.portal:release.portal.bom 16 moodle/moodle 16 magento/project-community-edition 15 drupal/core 14 Django 14 mlflow 14 topthink/framework 14 org.apache.dubbo:dubbo 13 org.xwiki.platform:xwiki-platform-oldcore 12 org.apache.struts:struts2-core 12 langchain 12 magento/core 11 gogs.io/gogs 11 drupal/drupal 10 apache-airflow 10 phpmyadmin/phpmyadmin 10 vm2 10 org.xwiki.platform:xwiki-platform-web-templates 10 ansible 9 funadmin/funadmin 9 github.com/argoproj/argo-cd 8 symfony/symfony 8 rdiffweb 8 org.xwiki.platform:xwiki-platform-administration-ui 8 shopware/platform 8 zendframework/zendframework1 8 froxlor/froxlor 8 rusqlite 7 paddlepaddle 7 studio-42/elfinder 7 github.com/rancher/rancher 7 github.com/argoproj/argo-cd/v2 7 sequelize 7 parse-server 7 vllm 7 mautic/core 6 org.apache.shiro:shiro-core 6 tensorflow 6 pillow 6 tensorflow-gpu 6 ezsystems/ezpublish-kernel 6 zendframework/zendframework 6 craftcms/cms 6 org.apache.inlong:manager-pojo 6 github.com/answerdev/answer 6 mercurial 6 thorsten/phpmyfaq 6 nilsteampassnet/teampass 6 typo3/cms 6 pyload-ng 6 aaptjs 6 org.jeecgframework.boot:jeecg-boot-common 6 steal 5 ckb 5 code.gitea.io/gitea 5 github.com/hashicorp/vault 5 org.xwiki.platform:xwiki-platform-web 5 Microsoft.ChakraCore 5 org.apache.tomcat.embed:tomcat-embed-core 5 shopware/core 5 librenms/librenms 5 safe-eval 5 github.com/mattermost/mattermost/server/v8 5 tensorflow-cpu 5 org.apache.openmeetings:openmeetings-parent 5 github.com/grafana/grafana 5 dompdf/dompdf 5 prestashop/prestashop 5 org.xwiki.commons:xwiki-commons-xml 5 bentoml 5 nodebb 5 org.jenkins-ci.plugins:script-security 5 centreon/centreon 5 dbgpt 5 org.jeecgframework.boot:jeecg-boot-parent 5 org.apache.kylin:kylin-server-base 4 smallvec 4 simplesamlphp/simplesamlphp 4 mongoose 4 ruby-saml 4 baserproject/basercms 4 org.apache.inlong:manager-service 4 hermes-engine 4 org.jeecgframework.boot:jeecg-boot-base-core 4 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 4 langchain-experimental 4 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 4 github.com/usememos/memos 4 org.eclipse.jetty:jetty-server 4 org.xwiki.platform:xwiki-platform-search-ui 4 Pillow 4 realms-shim 4 org.cloudfoundry.identity:cloudfoundry-identity-server 4 gradio 4 calibreweb 4 messagepack-rs 4 tribalsystems/zenario 4 contao/core-bundle 4 contao/contao 4 org.apache.tapestry:tapestry-core 4 cobbler 4 adodb/adodb-php 4 openssl-src 4 nukeviet/nukeviet 4 org.apache.ignite:ignite-core 4 nokogiri 4 org.apache.solr:solr-core 4 showdoc/showdoc 4 aim 4 ait-core 4 org.apache.activemq:activemq-client 4 net.opentsdb:opentsdb 4 safer-eval 4 apache-airflow-providers-apache-hive 4 shopware/shopware 4 swagger-ui 4 feehi/cms 4 org.apache.tomcat:tomcat-catalina 4 org.apache.storm:storm 3 namada-apps 3 smarty/smarty 3 slpjs 3 slp-validate 3 github.com/cosmos/ibc-go 3 github.com/gofiber/fiber/v2 3 github.com/cosmos/ibc-go/v2 3 github.com/cosmos/ibc-go/v3 3 symfony/security 3 symfony/security-core 3 github.com/go-gitea/gitea 3 feathers-sequelize 3 org.springframework.security:spring-security-core 3 strapi 3 wwbn/avideo 3 browserify-shim 3 github.com/cosmos/ibc-go/v4 3 github.com/cosmos/ibc-go/v5 3 agentscope 3 org.apache.dolphinscheduler:dolphinscheduler 3 github.com/cosmos/ibc-go/v6 3 github.com/cosmos/ibc-go/v7 3 apache-submarine 3 github.com/cosmos/ibc-go/v8 3 github.com/pterodactyl/wings 3 org.apache.hadoop:hadoop-common 3 django 3 org.xwiki.platform:xwiki-platform-distribution-war 3 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 3 com.alibaba:dubbo 3 dulwich 3 org.xwiki.platform:xwiki-platform-icon-ui 3 github.com/dexidp/dex 3 github.com/hashicorp/nomad 3 handlebars 3 xml-crypto 3 org.xwiki.platform:xwiki-platform-panels-ui 3 org.apache.inlong:manager-web 3 id-map 3 @openzeppelin/contracts-upgradeable 3 github.com/IceWhaleTech/CasaOS 3 llama-index 3 llama-index-core 3 lmdb 3 edu.stanford.nlp:stanford-corenlp 3 mitmproxy 3 org.apache.jmeter:ApacheJMeter 3 modoboa 3 io.dataease:dataease-plugin-common 3 nvflare 3 org.zenframework.z8.dependencies.commons:log4j-1.2.17 3 org.jeecgframework.boot:jeecg-boot-base 3 alextselegidis/easyappointments 3 ro.pippo:pippo-core 3 PaddlePaddle 3 pandasai 3 Plone 3 org.jeecgframework.boot:jeecg-module-system 3 github.com/beego/beego 3 org.jenkins-ci.plugins:active-directory 3 org.apache.linkis:linkis 3 github.com/beego/beego/v2 3 org.apache.logging.log4j:log4j-core 3 codeigniter4/framework 3 codeigniter/framework 3 codiad/codiad 3 pyyaml 3 ray 3 jsrsasign 3 org.jenkins-ci.plugins.workflow:workflow-cps 3 github.com/bnb-chain/tss-lib 3 elefant/cms 3 actix-web 3 ezsystems/ezplatform-kernel 3

Filter by Repository

https://github.com/apache/struts 6 https://github.com/rapid7/metasploit-framework 1