| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9791 | 7.5 |
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
|
28-05-2020 - 19:31 | 10-07-2017 - 16:29 | |
| CVE-2017-9787 | 5.0 |
When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33.
|
03-10-2019 - 00:03 | 13-07-2017 - 15:29 | |
| CVE-2017-7672 | 4.3 |
If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Str
|
08-07-2018 - 01:29 | 13-07-2017 - 15:29 |