Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.apache.struts:struts2-core

maven

Apache Struts

View on github.com · View on repo1.maven.org

Security Advisories for org.apache.struts:struts2-core in maven

Critical
11 months ago

Apache Struts file upload logic is flawed GSA_kwCzR0hTQS00M21xLTZ4bWctMjl2bc4ABCSU

maven org.apache.struts:struts2-core
Critical
almost 2 years ago

Apache Struts vulnerable to path traversal GSA_kwCzR0hTQS0yajM5LXFjam0tNDI4d84AA3mt

maven org.apache.struts:struts2-core
High
almost 2 years ago

Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability GSA_kwCzR0hTQS03MjlxLWZjZ3AtcjV4aM4AA3kR

maven org.apache.struts:struts2-core
High
over 2 years ago

Apache Struts vulnerable to memory exhaustion GSA_kwCzR0hTQS00ZzQyLWdxcmctNDYzM84AAz2O

maven org.apache.struts:struts2-core
Moderate
over 2 years ago

Apache Struts vulnerable to memory exhaustion GSA_kwCzR0hTQS04ZjZ4LXY2ODUtZzJ4Y84AAz2D

maven org.apache.struts:struts2-core
High
over 3 years ago

Improper Preservation of Permissions in Apache Struts GSA_kwCzR0hTQS1jY3A1LWdnNTgtcHhmbc4AAl6h

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Cross-site Scripting in Apache Struts GSA_kwCzR0hTQS0yNjVyLXBwODMtZ3d3N84AAjsD

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts is vulnerable to Cross-site Scripting GSA_kwCzR0hTQS1qZ2NyLTljMnEtcnZwOM4AAgP6

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts directory traversal vulnerability GSA_kwCzR0hTQS13djdnLXhodnctOGhjcM4AAgPc

maven org.apache.struts:struts2-core
Low
over 3 years ago

Cross-site Scripting in Apache Struts GSA_kwCzR0hTQS01NmY4LWc2OHItajY5Oc4AAf1H

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts is vulnerable to Cross-site Scripting GSA_kwCzR0hTQS0zZzhqLWpqNTQtM3ZqZ84AAe4O

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts2 Broken Access Control Vulnerability GSA_kwCzR0hTQS1xNXE4LWpnaGYtM3BtM84AAekz

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts XSS Vulnerability GSA_kwCzR0hTQS0yajRxLTlmZmYtMjM2as4AAdCC

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Denial of service in Apache Struts GSA_kwCzR0hTQS0zODNwLXhxeHgtcnJtcM4AAdBJ

maven ognl:ognl, org.apache.struts:struts2-core
Critical
over 3 years ago

Remote Code Execution in Apache Struts GSA_kwCzR0hTQS1wdm05LTI4OGMtdjV3cc4AAdBO

maven org.apache.struts:struts2-core
High
over 3 years ago

Code injection in Apache Struts GSA_kwCzR0hTQS1qN2g2LXhyN2ctbTJjNc4AAcrC

maven org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
Moderate
over 3 years ago

Open redirect in Apache Struts GSA_kwCzR0hTQS1ycGo5LXI4OTctd2M2cc4AAcSx

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts vulnerable to possible DoS attack when using URLValidator GSA_kwCzR0hTQS14Zzc1LTY4eDMtN3Azcc4AAa4P

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Apache Struts improper action name cleanup GSA_kwCzR0hTQS14bTkyLXYybXEtODQycc4AAa4Q

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Cross-Site Request Forgery in Apache Struts GSA_kwCzR0hTQS0ycnZoLXE1MzktcTMzds4AAaDY

maven org.apache.struts:struts2-core
High
over 3 years ago

Incomplete exclude pattern in Apache Struts GSA_kwCzR0hTQS1xMmNnLXhmOXAtaDQ1N84AAYyu

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
over 3 years ago

Special top object can be used to access Struts' internals GSA_kwCzR0hTQS00cWdqLTltdmctMzkyOc4AAWri

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts vulnerable to possible DoS attack when using URLValidator GSA_kwCzR0hTQS04NnZxLThxaGMtNXJxd84AAWrf

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Cross-Site Request Forgery in Apache Struts GSA_kwCzR0hTQS1oNHY5LWpmMnItOWg2bc4AAWFk

maven org.apache.struts:struts2-core
High
over 3 years ago

Arbitrary code execution in Apache Struts 2 GSA_kwCzR0hTQS1ncXFtLTU2NGYtdnZ4cc4AAUxj

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
over 3 years ago

Cross-site Scripting in Apache Struts GSA_kwCzR0hTQS12d2h2LWozNmctNXJtOM4AAUxp

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Cross-site Scripting in Apache Struts GSA_kwCzR0hTQS1tM3g2LTl2NmgtNGcyOM4AAUxh

maven org.apache.struts:struts2-core
High
over 3 years ago

Arbitrary code execution in Apache Struts 2 GSA_kwCzR0hTQS1wdzhyLXgycW0tM2g1bc4AAUxe

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
over 3 years ago

Apache Struts Code injection due to conversion error GSA_kwCzR0hTQS1td3J4LWh4NngtM2hods4AAUpl

maven org.apache.struts:struts2-core
High
over 3 years ago

Apache Struts forced double OGNL evaluation GSA_kwCzR0hTQS04NjR3LXI1cWotaDZmas4AAThz

maven org.apache.struts:struts2-core
High
over 3 years ago

ClassLoader manipulation in Apache Struts GSA_kwCzR0hTQS1wcmp2LWpqMjYtd2Y4aM4AATRB

maven org.apache.struts:struts2-core
High
over 3 years ago

Arbitrary code execution in Apache Struts GSA_kwCzR0hTQS03Mzd3LW1oNTgtY3hqcM4AATQ_

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
over 3 years ago

ClassLoader manipulation in Apache Struts GSA_kwCzR0hTQS12cndjLXFqbXctNXJqbc4AATRA

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
over 3 years ago

ClassLoader manipulation in Apache Struts GSA_kwCzR0hTQS0zYzVjLXhycTQtcWhyOM4AATQ2

maven org.apache.struts:struts2-core
High
over 3 years ago

Improper Control of Generation of Code in Apache Struts GSA_kwCzR0hTQS13aG1xLXY5NHEtMzRwOc4AATQ8

maven org.apache.struts:struts2-core
High
over 3 years ago

Apache Struts RCE Vulnerability GSA_kwCzR0hTQS04YzZqLWZmbWYtcTZ2bc4AATRI

maven org.apache.struts:struts2-core
High
over 3 years ago

ClassLoader manipulation in Apache Struts GSA_kwCzR0hTQS1obWhxLTM4MnEtbXA1Ns4AATQ0

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Apache Struts vulnerable to arbitrary remote code execution due to improper input validation GSA_kwCzR0hTQS1tbWo2LWNqajQtaHByNc4AATRH

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Arbitrary code execution in Apache Struts 2 GSA_kwCzR0hTQS00cHJqLXZ3OWotdjZwcs4AATRG

maven org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
High
over 3 years ago

Apache Struts RCE Vulnerability GSA_kwCzR0hTQS04NzZwLTR3Z2MtNzVyeM4AATMB

maven org.apache.struts:struts2-core
High
over 3 years ago

Code injection in Apache Struts GSA_kwCzR0hTQS03Z2htLXJwYzctcDdnNc34jQ

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Critical
over 3 years ago

Code injection in Apache Struts GSA_kwCzR0hTQS00N3FwLTh2OWctMzlocM32gA

maven org.apache.struts:struts2-core
Moderate
over 3 years ago

Server side object manipulation in Apache Struts GSA_kwCzR0hTQS14NWZjLXBncHgtNTlqNc32hw

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Apache Struts Remote Java Code Execution GSA_kwCzR0hTQS00d3JyLTloNXItbTkyd83e2w

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts's CookieInterceptor component does not use the parameter-name whitelist GSA_kwCzR0hTQS0ycHBwLXhqMzQtdnZmN83e3A

maven org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
over 3 years ago

Apache Struts's ParameterInterceptor component does not prevent access to public constructors GSA_kwCzR0hTQS1oeHFxLXc0bXItbWM2Ms3e2A

maven org.apache.struts:struts2-core
High
over 3 years ago

Unrestricted Upload of File with Dangerous Type in Apache Struts2 GSA_kwCzR0hTQS04bTVxLWNycXEtNnBtZs1AOA

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Struts ParameterInterceptor vulnerability allows remote command execution GSA_kwCzR0hTQS1qNjhmLThoNnAtOWg1cc0-5A

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Expression Language Injection in Apache Struts GSA_kwCzR0hTQS12OGo2LTZjMnItcjI3Y807Ew

maven org.apache.struts:struts2-core
Critical
over 3 years ago

Remote code execution in Apache Struts MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjMzUtcTM2OS00NXB2

maven org.apache.struts:struts2-core
Critical
almost 4 years ago

Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q

maven org.apache.struts:struts2-core
High
about 7 years ago

Apache Struts vulnerable to remote command execution (RCE) due to improper input validation MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNmotM2pwOS1ydzY1

maven org.apache.struts:struts2-core
Critical
about 7 years ago

Apache Struts vulnerable to remote arbitrary command execution due to improper input validation MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3N3EtMnFxZy02OTg5

maven org.apache.struts:struts2-core
High
about 7 years ago

Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1eDctM3Y4NS13cGM0

maven org.apache.struts:struts2-core
High
about 7 years ago

Spring AOP functionality (Struts) vulnerable to DoS attack MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtcjUtaDI4Zy0zNnF4

maven org.apache.struts:struts2-core
Moderate
about 7 years ago

Apache Struts Improper Input Validation vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncDctanZtMi1yNG14

maven org.apache.struts:struts2-core
Critical
about 7 years ago

Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmeDktNWh4OC1jcmht

maven org.apache.struts:struts2-core

Filter by Severity

High 22 Moderate 20 Critical 14 Low 1