exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2014-0112

больше 11 лет назад

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.

CVSS2: 7.5

EPSS: Критический

CVE-2014-0112

больше 11 лет назад

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.

CVSS3: 7.3

EPSS: Критический

CVE-2014-0112

больше 11 лет назад

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.

CVSS2: 7.5

EPSS: Критический

CVE-2014-0112

больше 11 лет назад

ParametersInterceptor in Apache Struts before 2.3.20 does not properly ...

CVSS2: 7.5

EPSS: Критический

GHSA-prjv-jj26-wf8h

больше 3 лет назад

ClassLoader manipulation in Apache Struts

EPSS: Критический

BDU:2015-00402

больше 11 лет назад

Уязвимость реализации метода getClass программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код

CVSS3: 7.1

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-0112 ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.	CVSS2: 7.5	92% Критический	больше 11 лет назад
CVE-2014-0112 ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.	CVSS3: 7.3	92% Критический	больше 11 лет назад
CVE-2014-0112 ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.	CVSS2: 7.5	92% Критический	больше 11 лет назад
CVE-2014-0112 ParametersInterceptor in Apache Struts before 2.3.20 does not properly ...	CVSS2: 7.5	92% Критический	больше 11 лет назад
GHSA-prjv-jj26-wf8h ClassLoader manipulation in Apache Struts		92% Критический	больше 3 лет назад
BDU:2015-00402 Уязвимость реализации метода getClass программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код	CVSS3: 7.1	92% Критический	больше 11 лет назад

Уязвимостей на страницу