CPE-5ADE6D42-E567-4947-9461-6B98319DD16C Detail

CPE Details

Apache Software Foundation Struts 1.3.9

Vendor

apache

Product

struts

Version

1.3.9

Created

2019-03-01
19h00 +00:00

Modified

2019-03-01
19h00 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:apache:struts:1.3.9:::::::*

Informations

Vendor

apache

Product

struts

Version

1.3.9

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-34396	2023-06-14 07h50 +00:00	Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater	7.5	High
CVE-2023-34149	2023-06-14 07h48 +00:00	Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater.	6.5	Medium
CVE-2016-1181	2016-07-04 20h00 +00:00	ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.	8.1	High
CVE-2016-1182	2016-07-04 20h00 +00:00	ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.	8.2	High
CVE-2012-0391	2012-01-08 15h00 +00:00	The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.	9.8	Critical
CVE-2009-1275	2009-04-09 13h00 +00:00	Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information via unspecified vectors, related to the (1) tiles:putAttribute and (2) tiles:insertTemplate JSP tags.	6.8

Apache Software Foundation Struts 1.3.9

CPE Details

CPE Name: cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:apache:struts:1.3.9:::::::*