Package impact
Maven / org.apache.struts:struts2-rest-plugin
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9805 | unknown | — | 2.5 | 8y ago | Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. | |||
| CVE-2018-1327 | unknown | — | — | 8y ago | Apache Struts REST Plugin can potentially allow a DoS attack |