exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2017-9805

больше 8 лет назад

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

CVSS3: 8.1

EPSS: Критический

CVE-2017-9805

больше 8 лет назад

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

CVSS3: 8.1

EPSS: Критический

CVE-2017-9805

больше 8 лет назад

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

CVSS3: 8.1

EPSS: Критический

CVE-2017-9805

больше 8 лет назад

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and ...

CVSS3: 8.1

EPSS: Критический

GHSA-gg9m-fj3v-r58c

больше 7 лет назад

REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering

CVSS3: 8.1

EPSS: Критический

BDU:2017-02058

больше 8 лет назад

Уязвимость плагина REST программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код

CVSS2: 7.6

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-9805 The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.	CVSS3: 8.1	94% Критический	больше 8 лет назад
CVE-2017-9805 The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.	CVSS3: 8.1	94% Критический	больше 8 лет назад
CVE-2017-9805 The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.	CVSS3: 8.1	94% Критический	больше 8 лет назад
CVE-2017-9805 The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and ...	CVSS3: 8.1	94% Критический	больше 8 лет назад
GHSA-gg9m-fj3v-r58c REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering	CVSS3: 8.1	94% Критический	больше 7 лет назад
BDU:2017-02058 Уязвимость плагина REST программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код	CVSS2: 7.6	94% Критический	больше 8 лет назад

Уязвимостей на страницу