Package impact
Maven / org.apache.struts:struts2-rest-plugin
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-4316 | critical | — | 10.0 | 13y ago | Code injection in Apache Struts | |||
| CVE-2016-4438 | critical | 9.8 | 9.8 | 10y ago | Arbitrary code execution in Apache Struts 2 | |||
| CVE-2017-9793 | high | 7.5 | 7.5 | 9y ago | The REST Plugin in Apache Struts is using an outdated XStream library | |||
| CVE-2017-9805 | unknown | — | 2.5 | 8y ago | Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. | |||
| CVE-2018-1327 | unknown | — | — | 8y ago | Apache Struts REST Plugin can potentially allow a DoS attack |