Lucene search
Veracode Vulnerability DatabaseVERACODE:4568HistoryJul 14, 2017 - 5:43 a.m.
Denial Of Service (DoS)
2017-07-1405:43:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.039 Low
EPSS
Percentile
92.0%
Struts-core is vulnerable to denial of service (DoS) attacks. A malicious user can pass a URL string to the application to overload the URL validation process, preventing other strings from being validated.
| CPE | Name | Operator | Version |
|---|---|---|---|
| struts 2 core | le | 2.5.10.1 |
References
Related
openvas
openvas
Apache Struts URLValidator DoS Vulnerability (S2-047) - Linux
2017-07-18 00:00:00
Apache Struts Security Update (S2-047)
2017-07-18 00:00:00
prion
prion
Code injection
2017-07-13 15:29:00
Code injection
2017-09-20 17:29:00
redhatcve
redhatcve
CVE-2017-7672
2017-08-11 13:48:28
CVE-2017-9804
2017-09-05 14:19:09
cvelist
cvelist
CVE-2017-7672
2017-07-13 00:00:00
CVE-2017-9804
2017-09-05 00:00:00
github
github
Apache Struts Improper Input Validation vulnerability
2018-10-16 19:36:43
nvd
nvd
CVE-2017-7672
2017-07-13 15:29:00
CVE-2017-9804
2017-09-20 17:29:00
cve
cve
CVE-2017-7672
2017-07-13 15:29:00
CVE-2017-9804
2017-09-20 17:29:00
ubuntucve
ubuntucve
CVE-2017-7672
2017-07-13 00:00:00
CVE-2017-9804
2017-09-20 00:00:00
f5
f5
K00503780 : Apache Struts 2 vulnerability CVE-2017-7672
2017-08-03 00:00:00
K12542008 : Apache Struts vulnerabilities CVE-2017-9793 and CVE-2017-9804
2017-09-08 00:00:00
osv
osv
CVE-2017-7672
2017-07-13 15:29:00
Apache Struts Improper Input Validation vulnerability
2018-10-16 19:36:43
CVE-2017-9804
2017-09-20 17:29:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2017-09-05 21:13:06
nessus
nessus
Apache Struts 2.5.x < 2.5.12 Multiple DoS (S2-047) (S2-049)
2017-07-14 00:00:00
Oracle WebLogic Server Multiple Vulnerabilities
2017-10-04 00:00:00
threatpost
threatpost
Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug
2017-09-26 14:28:26