Security Advisories for org.apache.struts:struts2-core in maven
High
5 months ago
Apache Struts 2 is Missing XML Validation
maven
org.apache.struts.xwork:xwork-core, com.opensymphony:xwork, org.apache.struts:struts2-core
High
6 months ago
Apache Struts has a Denial of Service vulnerability
maven
org.apache.struts:struts2-core
High
6 months ago
Apache Struts is Vulnerable to DoS via File Leak
maven
org.apache.struts:struts2-core
Critical
over 1 year ago
Apache Struts file upload logic is flawed
maven
org.apache.struts:struts2-core
Critical
over 2 years ago
Apache Struts vulnerable to path traversal
maven
org.apache.struts:struts2-core
High
over 2 years ago
Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability
maven
org.apache.struts:struts2-core
High
almost 3 years ago
Apache Struts vulnerable to memory exhaustion
maven
org.apache.struts:struts2-core
Moderate
almost 3 years ago
Apache Struts vulnerable to memory exhaustion
maven
org.apache.struts:struts2-core
High
about 4 years ago
Improper Preservation of Permissions in Apache Struts
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Cross-site Scripting in Apache Struts
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Apache Struts is vulnerable to Cross-site Scripting
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Apache Struts directory traversal vulnerability
maven
org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
Apache Struts Multiple XSS Vulnerabilities
maven
org.apache.struts:struts2-parent
Moderate
about 4 years ago
Apache Struts is vulnerable to Cross-site Scripting
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Apache Struts2 Broken Access Control Vulnerability
maven
org.apache.struts:struts2-core
Critical
about 4 years ago
Remote Code Execution in Apache Struts
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Denial of service in Apache Struts
maven
ognl:ognl, org.apache.struts:struts2-core
High
about 4 years ago
Code injection in Apache Struts
maven
org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
Apache Struts vulnerable to possible DoS attack when using URLValidator
maven
org.apache.struts:struts2-core
Potential
Critical
about 4 years ago
Apache Struts improper action name cleanup
maven
org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
Denial of service in Apache Struts
maven
org.apache.struts.xwork:xwork-core
Moderate
about 4 years ago
Cross-Site Request Forgery in Apache Struts
maven
org.apache.struts:struts2-core
High
about 4 years ago
Incomplete exclude pattern in Apache Struts
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Potential
High
about 4 years ago
Special top object can be used to access Struts' internals
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Apache Struts vulnerable to possible DoS attack when using URLValidator
maven
org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
XWork in Apache Struts Reveals Sensitive Information
maven
org.apache.struts.xwork:xwork-core
Moderate
about 4 years ago
Cross-Site Request Forgery in Apache Struts
maven
org.apache.struts:struts2-core
High
about 4 years ago
Arbitrary code execution in Apache Struts 2
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
about 4 years ago
Cross-site Scripting in Apache Struts
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
Cross-site Scripting in Apache Struts
maven
org.apache.struts:struts2-core
High
about 4 years ago
Arbitrary code execution in Apache Struts 2
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
about 4 years ago
Apache Struts Code injection due to conversion error
maven
org.apache.struts:struts2-core
High
about 4 years ago
Apache Struts forced double OGNL evaluation
maven
org.apache.struts:struts2-core
High
about 4 years ago
ClassLoader manipulation in Apache Struts
maven
org.apache.struts:struts2-core
High
about 4 years ago
ClassLoader manipulation in Apache Struts
maven
org.apache.struts:struts2-core
Moderate
about 4 years ago
ClassLoader manipulation in Apache Struts
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
about 4 years ago
Improper Control of Generation of Code in Apache Struts
maven
org.apache.struts:struts2-core
High
about 4 years ago
Arbitrary code execution in Apache Struts
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
High
about 4 years ago
ClassLoader manipulation in Apache Struts
maven
org.apache.struts:struts2-core
Critical
about 4 years ago
Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
maven
org.apache.struts:struts2-core
Critical
about 4 years ago
Arbitrary code execution in Apache Struts 2
maven
org.apache.struts:struts2-rest-plugin, org.apache.struts:struts2-core
Potential
Critical
about 4 years ago
Path Traversal in Apache Struts
maven
org.apache.struts:struts2-convention-plugin
Potential
Critical
about 4 years ago
Code execution in Apache Struts 1 plugin
maven
org.apache.struts:struts2-struts1-plugin
High
about 4 years ago
Code injection in Apache Struts
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Moderate
about 4 years ago
Server side object manipulation in Apache Struts
maven
org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode
maven
org.apache.struts.xwork:xwork-core
Moderate
about 4 years ago
Apache Struts's CookieInterceptor component does not use the parameter-name whitelist
maven
org.apache.struts.xwork:xwork-core, org.apache.struts:struts2-core
Critical
about 4 years ago
Apache Struts Remote Java Code Execution
maven
org.apache.struts:struts2-core
Potential
Moderate
about 4 years ago
Apache Struts's ParameterInterceptor component does not prevent access to public constructors
maven
org.apache.struts.xwork:xwork-core
High
about 4 years ago
Unrestricted Upload of File with Dangerous Type in Apache Struts2
maven
org.apache.struts:struts2-core
Critical
about 4 years ago
Struts ParameterInterceptor vulnerability allows remote command execution
maven
org.apache.struts:struts2-core
Critical
about 4 years ago
Expression Language Injection in Apache Struts
maven
org.apache.struts:struts2-core
Critical
over 4 years ago
Remote code execution in Apache Struts
maven
org.apache.struts:struts2-core
Critical
over 4 years ago
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts
maven
org.apache.struts:struts2-core
High
over 7 years ago
Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
maven
org.apache.struts:struts2-core
Critical
over 7 years ago
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation
maven
org.apache.struts:struts2-core
Potential
High
over 7 years ago
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
maven
org.apache.struts:struts2-rest-plugin
High
over 7 years ago
Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used
maven
org.apache.struts:struts2-core
High
over 7 years ago
Spring AOP functionality (Struts) vulnerable to DoS attack
maven
org.apache.struts:struts2-core
Moderate
over 7 years ago
Apache Struts Improper Input Validation vulnerability
maven
org.apache.struts:struts2-core
Critical
over 7 years ago
Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal
maven
org.apache.struts:struts2-core
Potential
High
over 7 years ago
Apache Struts REST Plugin can potentially allow a DoS attack
maven
org.apache.struts:struts2-rest-plugin