Package impact
Maven / org.apache.struts:struts2-rest-plugin
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9793 | high | 7.5 | 7.5 | 9y ago | The REST Plugin in Apache Struts is using an outdated XStream library | |||
| CVE-2017-15707 | medium | 6.2 | 6.2 | 9y ago | Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin | |||
| CVE-2017-9805 | unknown | — | 2.5 | 8y ago | Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. | |||
| CVE-2018-1327 | unknown | — | — | 8y ago | Apache Struts REST Plugin can potentially allow a DoS attack |