org.apache.struts:struts2-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2016-8738Mediumorg.apache.struts:struts2-core: Apache Struts vulnerable to possible DoS attack when using URLValidatorCVE-2014-7809Mediumorg.apache.struts:struts2-core: Cross-Site Request Forgery in Apache StrutsCVE-2015-5169Mediumorg.apache.struts:struts2-core: Cross-site Scripting in Apache StrutsCVE-2013-2134Highorg.apache.struts:struts2-core: Arbitrary code execution in Apache Struts 2CVE-2016-4003Mediumorg.apache.struts:struts2-core: Cross-site Scripting in Apache StrutsCVE-2013-2135Highorg.apache.struts:struts2-core: Arbitrary code execution in Apache Struts 2CVE-2012-0838Highorg.apache.struts:struts2-core: Apache Struts Code injection due to conversion errorCVE-2016-4461Highorg.apache.struts:struts2-core: Apache Struts forced double OGNL evaluationCVE-2014-0112Highorg.apache.struts:struts2-core: ClassLoader manipulation in Apache StrutsCVE-2014-0094Mediumorg.apache.struts:struts2-core: ClassLoader manipulation in Apache StrutsCVE-2013-1966Highorg.apache.struts:struts2-core: Arbitrary code execution in Apache StrutsCVE-2013-1965Highorg.apache.struts:struts2-core: Improper Control of Generation of Code in Apache StrutsCVE-2014-0113Highorg.apache.struts:struts2-core: ClassLoader manipulation in Apache StrutsCVE-2016-3081Highorg.apache.struts:struts2-core: Apache Struts RCE VulnerabilityCVE-2016-3087Criticalorg.apache.struts:struts2-core: Apache Struts vulnerable to arbitrary remote code execution due to improper input validationCVE-2014-0116Highorg.apache.struts:struts2-core: ClassLoader manipulation in Apache StrutsCVE-2016-4438Criticalorg.apache.struts:struts2-core: Arbitrary code execution in Apache Struts 2CVE-2016-0785Highorg.apache.struts:struts2-core: Apache Struts RCE VulnerabilityCVE-2013-2115Highorg.apache.struts:struts2-core: Code injection in Apache StrutsCVE-2010-1870Mediumorg.apache.struts:struts2-core: Server side object manipulation in Apache StrutsCVE-2013-2251Criticalorg.apache.struts:struts2-core: Code injection in Apache StrutsCVE-2012-0392Mediumorg.apache.struts:struts2-core: Apache Struts's CookieInterceptor component does not use the parameter-name whitelistCVE-2012-0391Criticalorg.apache.struts:struts2-core: Apache Struts Remote Java Code ExecutionCVE-2012-0393Mediumorg.apache.struts.xwork:xwork-core: Apache Struts's ParameterInterceptor component does not prevent access to public constructorsCVE-2012-1592Highorg.apache.struts:struts2-core: Unrestricted Upload of File with Dangerous Type in Apache Struts2

Stop the waste.
Protect your environment with Kodem.