Lucene search
F5F5:K74571223HistoryFeb 24, 2017 - 12:00 a.m.
K74571223 : Apache Struts vulnerability CVE-2016-8738
2017-02-2400:00:00
my.f5.com
14
Security Advisory Description
In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. (CVE-2016-8738)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
nessus
nessus
cve
cve
CVE-2016-8738
2017-09-20 17:29:00
openvas
openvas
Apache Struts DoS Vulnerability (S2-044) - Linux
2017-09-28 00:00:00
Apache Struts Security Update (S2-044)
2017-09-28 00:00:00
prion
prion
Design/Logic Flaw
2017-09-20 17:29:00
osv
osv
CVE-2016-8738
2017-09-20 17:29:00
Apache Struts vulnerable to possible DoS attack when using URLValidator
2022-05-14 03:15:07
github
github
Apache Struts vulnerable to possible DoS attack when using URLValidator
2022-05-14 03:15:07
ubuntucve
ubuntucve
CVE-2016-8738
2017-09-20 00:00:00
cvelist
cvelist
CVE-2016-8738
2016-12-19 00:00:00
nvd
nvd
CVE-2016-8738
2017-09-20 17:29:00
veracode
veracode
Denial Of Service (DoS) Via URLValidator
2016-12-05 03:35:11