Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.struts/struts2-core@2.1.0
Typemaven
Namespaceorg.apache.struts
Namestruts2-core
Version2.1.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.8.0
Latest_non_vulnerable_version7.1.1
Affected_by_vulnerabilities
0
url VCID-2rjv-1thm-dugt
vulnerability_id VCID-2rjv-1thm-dugt
summary XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3082
reference_id
reference_type
scores
0
value 0.24626
scoring_system epss
scoring_elements 0.9615
published_at 2026-04-29T12:55:00Z
1
value 0.24626
scoring_system epss
scoring_elements 0.96125
published_at 2026-04-08T12:55:00Z
2
value 0.24626
scoring_system epss
scoring_elements 0.96129
published_at 2026-04-09T12:55:00Z
3
value 0.24626
scoring_system epss
scoring_elements 0.96131
published_at 2026-04-11T12:55:00Z
4
value 0.24626
scoring_system epss
scoring_elements 0.9613
published_at 2026-04-12T12:55:00Z
5
value 0.24626
scoring_system epss
scoring_elements 0.96132
published_at 2026-04-13T12:55:00Z
6
value 0.24626
scoring_system epss
scoring_elements 0.96141
published_at 2026-04-16T12:55:00Z
7
value 0.24626
scoring_system epss
scoring_elements 0.96146
published_at 2026-04-18T12:55:00Z
8
value 0.24626
scoring_system epss
scoring_elements 0.96147
published_at 2026-04-21T12:55:00Z
9
value 0.24626
scoring_system epss
scoring_elements 0.96149
published_at 2026-04-26T12:55:00Z
10
value 0.24626
scoring_system epss
scoring_elements 0.96095
published_at 2026-04-01T12:55:00Z
11
value 0.24626
scoring_system epss
scoring_elements 0.96103
published_at 2026-04-02T12:55:00Z
12
value 0.24626
scoring_system epss
scoring_elements 0.96109
published_at 2026-04-04T12:55:00Z
13
value 0.24626
scoring_system epss
scoring_elements 0.96115
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3082
1
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
2
reference_url https://github.com/apache/struts/commit/6bd694b7980494c12d49ca1bf39f12aec3e03e2f
reference_id
reference_type
scores
url https://github.com/apache/struts/commit/6bd694b7980494c12d49ca1bf39f12aec3e03e2f
3
reference_url http://struts.apache.org/docs/s2-031.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://struts.apache.org/docs/s2-031.html
4
reference_url http://www.securityfocus.com/bid/88826
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/88826
5
reference_url http://www.securitytracker.com/id/1035664
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035664
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3082
reference_id CVE-2016-3082
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3082
63
reference_url https://github.com/advisories/GHSA-pvm9-288c-v5wq
reference_id GHSA-pvm9-288c-v5wq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pvm9-288c-v5wq
fixed_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.3.20.3
purl pkg:maven/org.apache.struts/struts2-core@2.3.20.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-3yq7-n972-j7dh
2
vulnerability VCID-4agy-6nsx-7ufh
3
vulnerability VCID-6hrc-fm64-ckhf
4
vulnerability VCID-74ab-1p1c-4qbd
5
vulnerability VCID-79j9-v8gz-rfax
6
vulnerability VCID-7c97-nj5a-hqb8
7
vulnerability VCID-87fh-rvvb-6ubq
8
vulnerability VCID-8bsh-bshc-vkgq
9
vulnerability VCID-95ts-vpk6-uubg
10
vulnerability VCID-at5c-f8p8-67fh
11
vulnerability VCID-b7zy-qhz9-tuar
12
vulnerability VCID-bgbt-j1n9-6yg5
13
vulnerability VCID-cm62-bsdz-yye2
14
vulnerability VCID-dk2f-14xj-9bf8
15
vulnerability VCID-gfxq-vtry-bqgg
16
vulnerability VCID-hgj2-vqzn-gyeb
17
vulnerability VCID-j5su-cnqd-6yad
18
vulnerability VCID-sf53-bgb2-7ue2
19
vulnerability VCID-tgd1-s1yg-9fdt
20
vulnerability VCID-vgp6-jxqt-pbf4
21
vulnerability VCID-y4qu-21c9-6fav
22
vulnerability VCID-y5uq-a6dx-3yd4
23
vulnerability VCID-ygbu-vb2t-jqhx
24
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.20.3
1
url pkg:maven/org.apache.struts/struts2-core@2.3.24.3
purl pkg:maven/org.apache.struts/struts2-core@2.3.24.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yq7-n972-j7dh
1
vulnerability VCID-579w-2k2v-efa2
2
vulnerability VCID-6hrc-fm64-ckhf
3
vulnerability VCID-74ab-1p1c-4qbd
4
vulnerability VCID-79j9-v8gz-rfax
5
vulnerability VCID-7c97-nj5a-hqb8
6
vulnerability VCID-87fh-rvvb-6ubq
7
vulnerability VCID-8bsh-bshc-vkgq
8
vulnerability VCID-95ts-vpk6-uubg
9
vulnerability VCID-b7zy-qhz9-tuar
10
vulnerability VCID-bgbt-j1n9-6yg5
11
vulnerability VCID-cm62-bsdz-yye2
12
vulnerability VCID-dk2f-14xj-9bf8
13
vulnerability VCID-gfxq-vtry-bqgg
14
vulnerability VCID-hgj2-vqzn-gyeb
15
vulnerability VCID-j5su-cnqd-6yad
16
vulnerability VCID-mdde-pa5h-w7g4
17
vulnerability VCID-sf53-bgb2-7ue2
18
vulnerability VCID-tgd1-s1yg-9fdt
19
vulnerability VCID-vgp6-jxqt-pbf4
20
vulnerability VCID-y4qu-21c9-6fav
21
vulnerability VCID-y5uq-a6dx-3yd4
22
vulnerability VCID-ygbu-vb2t-jqhx
23
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.24.3
2
url pkg:maven/org.apache.struts/struts2-core@2.3.28.1
purl pkg:maven/org.apache.struts/struts2-core@2.3.28.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yq7-n972-j7dh
1
vulnerability VCID-579w-2k2v-efa2
2
vulnerability VCID-74ab-1p1c-4qbd
3
vulnerability VCID-79j9-v8gz-rfax
4
vulnerability VCID-7c97-nj5a-hqb8
5
vulnerability VCID-87fh-rvvb-6ubq
6
vulnerability VCID-8bsh-bshc-vkgq
7
vulnerability VCID-95ts-vpk6-uubg
8
vulnerability VCID-b7zy-qhz9-tuar
9
vulnerability VCID-bgbt-j1n9-6yg5
10
vulnerability VCID-cm62-bsdz-yye2
11
vulnerability VCID-dk2f-14xj-9bf8
12
vulnerability VCID-gfxq-vtry-bqgg
13
vulnerability VCID-hgj2-vqzn-gyeb
14
vulnerability VCID-mdde-pa5h-w7g4
15
vulnerability VCID-sf53-bgb2-7ue2
16
vulnerability VCID-tgd1-s1yg-9fdt
17
vulnerability VCID-vgp6-jxqt-pbf4
18
vulnerability VCID-y4qu-21c9-6fav
19
vulnerability VCID-y5uq-a6dx-3yd4
20
vulnerability VCID-ygbu-vb2t-jqhx
21
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.28.1
aliases CVE-2016-3082, GHSA-pvm9-288c-v5wq
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2rjv-1thm-dugt
1
url VCID-579w-2k2v-efa2
vulnerability_id VCID-579w-2k2v-efa2
summary In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12611.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12611.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12611
reference_id
reference_type
scores
0
value 0.94228
scoring_system epss
scoring_elements 0.99929
published_at 2026-04-29T12:55:00Z
1
value 0.94228
scoring_system epss
scoring_elements 0.99928
published_at 2026-04-26T12:55:00Z
2
value 0.94228
scoring_system epss
scoring_elements 0.99927
published_at 2026-04-21T12:55:00Z
3
value 0.94228
scoring_system epss
scoring_elements 0.99926
published_at 2026-04-18T12:55:00Z
4
value 0.94228
scoring_system epss
scoring_elements 0.99925
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12611
2
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
3
reference_url https://github.com/apache/struts/commit/2306f5f7fad7f0157f216f34331238feb0539fa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/2306f5f7fad7f0157f216f34331238feb0539fa
4
reference_url https://github.com/apache/struts/commit/637ad1c3707266c33daabb18d7754e795e6681f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/637ad1c3707266c33daabb18d7754e795e6681f
5
reference_url https://kb.netapp.com/support/s/article/ka51A000000CgttQAC/NTAP-20170911-0001
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://kb.netapp.com/support/s/article/ka51A000000CgttQAC/NTAP-20170911-0001
6
reference_url https://struts.apache.org/docs/s2-053.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://struts.apache.org/docs/s2-053.html
7
reference_url https://web.archive.org/web/20170923161654/http://www.securityfocus.com/bid/100829
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170923161654/http://www.securityfocus.com/bid/100829
8
reference_url http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-003.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-003.txt
9
reference_url http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
10
reference_url http://www.securityfocus.com/bid/100829
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100829
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1489478
reference_id 1489478
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1489478
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.32:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.32:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.33:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*
99
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta1:*:*:*:*:*:*
100
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta2:*:*:*:*:*:*
101
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.5:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.5:beta3:*:*:*:*:*:*
102
reference_url https://github.com/brianwrf/S2-053-CVE-2017-12611/blob/a587bbdc79843fe44ad3fe0439d7add3f887bc31/exploit.py
reference_id CVE-2017-12611
reference_type exploit
scores
url https://github.com/brianwrf/S2-053-CVE-2017-12611/blob/a587bbdc79843fe44ad3fe0439d7add3f887bc31/exploit.py
103
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/44556.py
reference_id CVE-2017-12611
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/44556.py
104
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12611
reference_id CVE-2017-12611
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12611
105
reference_url https://github.com/advisories/GHSA-8fx9-5hx8-crhm
reference_id GHSA-8fx9-5hx8-crhm
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8fx9-5hx8-crhm
fixed_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.3.20.3
purl pkg:maven/org.apache.struts/struts2-core@2.3.20.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-3yq7-n972-j7dh
2
vulnerability VCID-4agy-6nsx-7ufh
3
vulnerability VCID-6hrc-fm64-ckhf
4
vulnerability VCID-74ab-1p1c-4qbd
5
vulnerability VCID-79j9-v8gz-rfax
6
vulnerability VCID-7c97-nj5a-hqb8
7
vulnerability VCID-87fh-rvvb-6ubq
8
vulnerability VCID-8bsh-bshc-vkgq
9
vulnerability VCID-95ts-vpk6-uubg
10
vulnerability VCID-at5c-f8p8-67fh
11
vulnerability VCID-b7zy-qhz9-tuar
12
vulnerability VCID-bgbt-j1n9-6yg5
13
vulnerability VCID-cm62-bsdz-yye2
14
vulnerability VCID-dk2f-14xj-9bf8
15
vulnerability VCID-gfxq-vtry-bqgg
16
vulnerability VCID-hgj2-vqzn-gyeb
17
vulnerability VCID-j5su-cnqd-6yad
18
vulnerability VCID-sf53-bgb2-7ue2
19
vulnerability VCID-tgd1-s1yg-9fdt
20
vulnerability VCID-vgp6-jxqt-pbf4
21
vulnerability VCID-y4qu-21c9-6fav
22
vulnerability VCID-y5uq-a6dx-3yd4
23
vulnerability VCID-ygbu-vb2t-jqhx
24
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.20.3
1
url pkg:maven/org.apache.struts/struts2-core@2.3.34
purl pkg:maven/org.apache.struts/struts2-core@2.3.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yq7-n972-j7dh
1
vulnerability VCID-79j9-v8gz-rfax
2
vulnerability VCID-87fh-rvvb-6ubq
3
vulnerability VCID-95ts-vpk6-uubg
4
vulnerability VCID-b7zy-qhz9-tuar
5
vulnerability VCID-bgbt-j1n9-6yg5
6
vulnerability VCID-cm62-bsdz-yye2
7
vulnerability VCID-dk2f-14xj-9bf8
8
vulnerability VCID-gfxq-vtry-bqgg
9
vulnerability VCID-hgj2-vqzn-gyeb
10
vulnerability VCID-tgd1-s1yg-9fdt
11
vulnerability VCID-y5uq-a6dx-3yd4
12
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.34
2
url pkg:maven/org.apache.struts/struts2-core@2.5.10.1
purl pkg:maven/org.apache.struts/struts2-core@2.5.10.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yq7-n972-j7dh
1
vulnerability VCID-579w-2k2v-efa2
2
vulnerability VCID-79j9-v8gz-rfax
3
vulnerability VCID-87fh-rvvb-6ubq
4
vulnerability VCID-95ts-vpk6-uubg
5
vulnerability VCID-b7zy-qhz9-tuar
6
vulnerability VCID-bgbt-j1n9-6yg5
7
vulnerability VCID-cm62-bsdz-yye2
8
vulnerability VCID-dk2f-14xj-9bf8
9
vulnerability VCID-gfxq-vtry-bqgg
10
vulnerability VCID-hgj2-vqzn-gyeb
11
vulnerability VCID-mdde-pa5h-w7g4
12
vulnerability VCID-tgd1-s1yg-9fdt
13
vulnerability VCID-y4qu-21c9-6fav
14
vulnerability VCID-y5uq-a6dx-3yd4
15
vulnerability VCID-zkg1-bed6-bbfv
16
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.10.1
3
url pkg:maven/org.apache.struts/struts2-core@2.5.11
purl pkg:maven/org.apache.struts/struts2-core@2.5.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.11
4
url pkg:maven/org.apache.struts/struts2-core@2.5.12
purl pkg:maven/org.apache.struts/struts2-core@2.5.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yq7-n972-j7dh
1
vulnerability VCID-79j9-v8gz-rfax
2
vulnerability VCID-87fh-rvvb-6ubq
3
vulnerability VCID-95ts-vpk6-uubg
4
vulnerability VCID-b7zy-qhz9-tuar
5
vulnerability VCID-bgbt-j1n9-6yg5
6
vulnerability VCID-cm62-bsdz-yye2
7
vulnerability VCID-dk2f-14xj-9bf8
8
vulnerability VCID-gfxq-vtry-bqgg
9
vulnerability VCID-hgj2-vqzn-gyeb
10
vulnerability VCID-mdde-pa5h-w7g4
11
vulnerability VCID-tgd1-s1yg-9fdt
12
vulnerability VCID-y5uq-a6dx-3yd4
13
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.12
aliases CVE-2017-12611, GHSA-8fx9-5hx8-crhm
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-579w-2k2v-efa2
2
url VCID-d8as-n8hc-j3fj
vulnerability_id VCID-d8as-n8hc-j3fj
summary 
Apache Struts directory traversal vulnerability
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a `..%252f` (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x.
references
0
reference_url http://issues.apache.org/struts/browse/WW-2779
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://issues.apache.org/struts/browse/WW-2779
1
reference_url http://osvdb.org/49733
reference_id
reference_type
scores
url http://osvdb.org/49733
2
reference_url http://osvdb.org/49734
reference_id
reference_type
scores
url http://osvdb.org/49734
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-6505
reference_id
reference_type
scores
0
value 0.82879
scoring_system epss
scoring_elements 0.99257
published_at 2026-04-29T12:55:00Z
1
value 0.82879
scoring_system epss
scoring_elements 0.99242
published_at 2026-04-02T12:55:00Z
2
value 0.82879
scoring_system epss
scoring_elements 0.99244
published_at 2026-04-04T12:55:00Z
3
value 0.82879
scoring_system epss
scoring_elements 0.99248
published_at 2026-04-07T12:55:00Z
4
value 0.82879
scoring_system epss
scoring_elements 0.99249
published_at 2026-04-08T12:55:00Z
5
value 0.82879
scoring_system epss
scoring_elements 0.9925
published_at 2026-04-13T12:55:00Z
6
value 0.82879
scoring_system epss
scoring_elements 0.99251
published_at 2026-04-12T12:55:00Z
7
value 0.82879
scoring_system epss
scoring_elements 0.99252
published_at 2026-04-21T12:55:00Z
8
value 0.82879
scoring_system epss
scoring_elements 0.99255
published_at 2026-04-24T12:55:00Z
9
value 0.82879
scoring_system epss
scoring_elements 0.99256
published_at 2026-04-26T12:55:00Z
10
value 0.82879
scoring_system epss
scoring_elements 0.9924
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-6505
4
reference_url http://secunia.com/advisories/32497
reference_id
reference_type
scores
url http://secunia.com/advisories/32497
5
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
6
reference_url https://github.com/apache/struts/commit/04fcefa44bae1263c7cad6986a9dafed67f0164f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/04fcefa44bae1263c7cad6986a9dafed67f0164f
7
reference_url https://github.com/apache/struts/commit/1f1c996eb1f0f3e2193fba0075f62ccd04e3c0c3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/1f1c996eb1f0f3e2193fba0075f62ccd04e3c0c3
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-6505
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-6505
9
reference_url http://struts.apache.org/2.x/docs/s2-004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://struts.apache.org/2.x/docs/s2-004.html
10
reference_url https://web.archive.org/web/20081208214512/http://secunia.com/advisories/32497
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081208214512/http://secunia.com/advisories/32497
11
reference_url https://web.archive.org/web/20111025094319/http://www.securityfocus.com/bid/32104
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111025094319/http://www.securityfocus.com/bid/32104
12
reference_url http://www.securityfocus.com/bid/32104
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/32104
13
reference_url http://www.vupen.com/english/advisories/2008/3003
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/3003
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2_beta:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:2.1.2_beta:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:2.1.2_beta:*:*:*:*:*:*:*
21
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32565.txt
reference_id CVE-2008-6505;OSVDB-49734
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32565.txt
22
reference_url https://www.securityfocus.com/bid/32104/info
reference_id CVE-2008-6505;OSVDB-49734
reference_type exploit
scores
url https://www.securityfocus.com/bid/32104/info
23
reference_url https://github.com/advisories/GHSA-wv7g-xhvw-8hcp
reference_id GHSA-wv7g-xhvw-8hcp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wv7g-xhvw-8hcp
fixed_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.1.3
purl pkg:maven/org.apache.struts/struts2-core@2.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.3
1
url pkg:maven/org.apache.struts/struts2-core@2.1.6
purl pkg:maven/org.apache.struts/struts2-core@2.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chz-36wn-9fcv
1
vulnerability VCID-2rjv-1thm-dugt
2
vulnerability VCID-2v7h-fght-cugn
3
vulnerability VCID-3yq7-n972-j7dh
4
vulnerability VCID-4agy-6nsx-7ufh
5
vulnerability VCID-579w-2k2v-efa2
6
vulnerability VCID-6241-shkt-s7ew
7
vulnerability VCID-6hrc-fm64-ckhf
8
vulnerability VCID-6t1x-s2k2-b7bq
9
vulnerability VCID-759g-hsfg-97f8
10
vulnerability VCID-79j9-v8gz-rfax
11
vulnerability VCID-87fh-rvvb-6ubq
12
vulnerability VCID-8bsh-bshc-vkgq
13
vulnerability VCID-8mws-fbmg-cqa9
14
vulnerability VCID-95ts-vpk6-uubg
15
vulnerability VCID-at5c-f8p8-67fh
16
vulnerability VCID-b59n-uxft-4qgz
17
vulnerability VCID-b7zy-qhz9-tuar
18
vulnerability VCID-bgbt-j1n9-6yg5
19
vulnerability VCID-cm62-bsdz-yye2
20
vulnerability VCID-dk2f-14xj-9bf8
21
vulnerability VCID-evh9-mua1-2bem
22
vulnerability VCID-fv6w-cdtc-kkhx
23
vulnerability VCID-gfxq-vtry-bqgg
24
vulnerability VCID-gv5f-auvz-5fda
25
vulnerability VCID-h4yg-zrv6-aqa1
26
vulnerability VCID-hgj2-vqzn-gyeb
27
vulnerability VCID-hkjh-35ye-1ugj
28
vulnerability VCID-j5su-cnqd-6yad
29
vulnerability VCID-k6mz-k1yb-4uej
30
vulnerability VCID-kdsa-599r-eud7
31
vulnerability VCID-me84-wy85-hkf5
32
vulnerability VCID-n2dn-bnjc-13gp
33
vulnerability VCID-n4fb-crnk-eugz
34
vulnerability VCID-nmgp-r7hb-5ke1
35
vulnerability VCID-q96z-v3bs-k3dg
36
vulnerability VCID-qqm4-frqy-bua5
37
vulnerability VCID-r28t-sdc5-kbga
38
vulnerability VCID-tcaj-6bcg-k7g2
39
vulnerability VCID-tgd1-s1yg-9fdt
40
vulnerability VCID-vgp6-jxqt-pbf4
41
vulnerability VCID-vkb9-11h4-dugp
42
vulnerability VCID-vnkw-9fa2-zqcm
43
vulnerability VCID-x65e-31g3-77bp
44
vulnerability VCID-xz41-1z86-37ew
45
vulnerability VCID-y5uq-a6dx-3yd4
46
vulnerability VCID-ygbu-vb2t-jqhx
47
vulnerability VCID-z1gf-169n-m3af
48
vulnerability VCID-zb3c-gnyc-yug8
49
vulnerability VCID-zxww-8kb3-tufv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.6
aliases CVE-2008-6505, GHSA-wv7g-xhvw-8hcp
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d8as-n8hc-j3fj
3
url VCID-skbn-jggt-uffg
vulnerability_id VCID-skbn-jggt-uffg
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-6682
reference_id
reference_type
scores
0
value 0.0143
scoring_system epss
scoring_elements 0.80725
published_at 2026-04-29T12:55:00Z
1
value 0.0143
scoring_system epss
scoring_elements 0.80619
published_at 2026-04-07T12:55:00Z
2
value 0.0143
scoring_system epss
scoring_elements 0.80646
published_at 2026-04-08T12:55:00Z
3
value 0.0143
scoring_system epss
scoring_elements 0.80656
published_at 2026-04-09T12:55:00Z
4
value 0.0143
scoring_system epss
scoring_elements 0.80672
published_at 2026-04-11T12:55:00Z
5
value 0.0143
scoring_system epss
scoring_elements 0.80659
published_at 2026-04-12T12:55:00Z
6
value 0.0143
scoring_system epss
scoring_elements 0.80651
published_at 2026-04-13T12:55:00Z
7
value 0.0143
scoring_system epss
scoring_elements 0.8068
published_at 2026-04-16T12:55:00Z
8
value 0.0143
scoring_system epss
scoring_elements 0.80682
published_at 2026-04-18T12:55:00Z
9
value 0.0143
scoring_system epss
scoring_elements 0.80685
published_at 2026-04-21T12:55:00Z
10
value 0.0143
scoring_system epss
scoring_elements 0.80708
published_at 2026-04-24T12:55:00Z
11
value 0.0143
scoring_system epss
scoring_elements 0.80712
published_at 2026-04-26T12:55:00Z
12
value 0.0143
scoring_system epss
scoring_elements 0.80595
published_at 2026-04-01T12:55:00Z
13
value 0.0143
scoring_system epss
scoring_elements 0.80603
published_at 2026-04-02T12:55:00Z
14
value 0.0143
scoring_system epss
scoring_elements 0.80625
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-6682
1
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
2
reference_url https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/09147ffad2b3046ed21af0f524c5088e2ac551e6
3
reference_url https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/bd3f2f59c9b09f70aed3ebab6bb69b464ee2d6cb
4
reference_url https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/dae026a0f0511f83852053bae9d5a622e7f80486
5
reference_url https://issues.apache.org/struts/browse/WW-2414
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/struts/browse/WW-2414
6
reference_url https://issues.apache.org/struts/browse/WW-2427
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/struts/browse/WW-2427
7
reference_url https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080610075918/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449i20.html
8
reference_url https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080611112834/http://www.nabble.com/Feedback%3A-WW-2414%2C-XSS-attack-is-possible-if-using-%3Cs%3Aurl-...%3E-and-%3Cs%3Aa-...%3E-td14771449.html
9
reference_url https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229155553/http://www.securityfocus.com/bid/34686
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-6682
reference_id CVE-2008-6682
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-6682
11
reference_url https://github.com/advisories/GHSA-jgcr-9c2q-rvp8
reference_id GHSA-jgcr-9c2q-rvp8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgcr-9c2q-rvp8
fixed_packages
0
url pkg:maven/org.apache.struts/struts2-core@2.1.1
purl pkg:maven/org.apache.struts/struts2-core@2.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bgbt-j1n9-6yg5
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.1
aliases CVE-2008-6682, GHSA-jgcr-9c2q-rvp8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-skbn-jggt-uffg
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.0