exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-9804

больше 8 лет назад

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.

CVSS3: 7.5

EPSS: Средний

CVE-2017-9804

больше 8 лет назад

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.

CVSS3: 3.7

EPSS: Средний

CVE-2017-9804

больше 8 лет назад

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.

CVSS3: 7.5

EPSS: Средний

CVE-2017-9804

больше 8 лет назад

In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an ap ...

CVSS3: 7.5

EPSS: Средний

GHSA-x5x7-3v85-wpc4

больше 7 лет назад

Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-9804 In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.	CVSS3: 7.5	12% Средний	больше 8 лет назад
CVE-2017-9804 In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.	CVSS3: 3.7	12% Средний	больше 8 лет назад
CVE-2017-9804 In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. NOTE: this vulnerability exists because of an incomplete fix for S2-047 / CVE-2017-7672.	CVSS3: 7.5	12% Средний	больше 8 лет назад
CVE-2017-9804 In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an ap ...	CVSS3: 7.5	12% Средний	больше 8 лет назад
GHSA-x5x7-3v85-wpc4 Apache Struts allows entering a custom URL in a form field if built-in URLValidator is used	CVSS3: 7.5	12% Средний	больше 7 лет назад

Уязвимостей на страницу