The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Apache Struts

Apache Struts: denial of service via Read Only Upload
An attacker can trigger a fatal error via Read Only Upload of Apache Struts, in order to trigger a denial of service...
CERTFR-2020-AVI-5, CERTFR-2020-AVI-578, CVE-2019-0233, K35226442, S2-060, VIGILANCE-VUL-33074
Apache Struts 1.3: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Apache Struts 1.3, in order to run JavaScript code in the context of the web site...
2016214, cpuoct2018, CVE-2012-1007, ibm10719287, ibm10719297, ibm10719301, ibm10719303, ibm10719307, VIGILANCE-VUL-27508
Apache Struts: code execution via Namespace Special Configuration
An attacker can use a vulnerability via Namespace Special Configuration of Apache Struts, in order to run code...
525207, 526176, CERTFR-2018-ALE-010, CERTFR-2018-AVI-405, cisco-sa-20180823-apache-struts, cpujan2019, CVE-2018-11776, DSA-2018-196, S2-057, VIGILANCE-VUL-27058
Apache Struts: denial of service via REST Plugin
An attacker can generate a fatal error via REST Plugin of Apache Struts, in order to trigger a denial of service...
CERTFR-2018-AVI-153, cpujul2018, CVE-2018-1327, S2-056, VIGILANCE-VUL-25662
Apache Struts: code execution via com.fasterxml.jackson
An attacker can use a vulnerability (VIGILANCE-VUL-23406) of com.fasterxml.jackson of Apache Struts, in order to run code...
5048, CERTFR-2017-AVI-470, cpuapr2018, cpuapr2019, cpujan2019, cpujul2018, cpuoct2018, CVE-2017-17485, CVE-2017-7525, CVE-2018-5968, ibm10715641, ibm10738249, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, RHSA-2018:0294-01, RHSA-2018:0478-01, RHSA-2018:0479-01, RHSA-2018:0480-01, RHSA-2018:0481-01, RHSA-2018:1447-01, RHSA-2018:1448-01, RHSA-2018:1449-01, RHSA-2018:1450-01, RHSA-2018:1451-01, RHSA-2018:2930-01, S2-055, VIGILANCE-VUL-24732
Apache Struts REST Plugin: denial of service via JSON
An attacker can generate a fatal error via JSON of Apache Struts REST Plugin, in order to trigger a denial of service...
CERTFR-2017-AVI-445, cpuapr2018, cpujul2018, CVE-2017-15707, S2-054, VIGILANCE-VUL-24605
Apache Struts: code execution via Freemarker
An attacker can use a vulnerability via Freemarker of Apache Struts, in order to run code...
3889403, 3905487, 504595, 509396, CVE-2017-12611, ESA-2017-121, ESA-2017-128, S2-053, VIGILANCE-VUL-23756
Apache Struts: two vulnerabilities
An attacker can use several vulnerabilities of Apache Struts...
3889403, 3905487, CVE-2017-9793, CVE-2017-9804, S2-050, S2-051, VIGILANCE-VUL-23731
Apache Struts: code execution via REST XStream
An attacker can use a vulnerability via REST XStream of Apache Struts, in order to run code...
3889403, 3905487, CERTFR-2017-AVI-285, CVE-2017-9805, S2-052, VIGILANCE-VUL-23755, VU#112992
Apache Struts: denial of service via Spring Secured Actions
An attacker can generate a fatal error via Spring Secured Actions of Apache Struts, in order to trigger a denial of service...
3889403, 3905487, CVE-2017-9787, S2-049, VIGILANCE-VUL-23244
Our database contains other pages. You can request a free trial to read them.

Display information about Apache Struts: