Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.struts/struts2-core@2.0.4

Type maven

Namespace org.apache.struts

Name struts2-core

Version 2.0.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.8.0

Latest_non_vulnerable_version 7.1.1

Affected_by_vulnerabilities

url VCID-cm62-bsdz-yye2

vulnerability_id VCID-cm62-bsdz-yye2

summary Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.

references

reference_url

http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11776.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11776

reference_id

reference_type

scores

value	0.94431
scoring_system	epss
scoring_elements	0.99985
published_at	2026-04-18T12:55:00Z

value	0.94431
scoring_system	epss
scoring_elements	0.99984
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11776

reference_url

https://cwiki.apache.org/confluence/display/WW/S2-057

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://cwiki.apache.org/confluence/display/WW/S2-057

reference_url

https://github.com/apache/struts

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts

reference_url	https://github.com/apache/struts/commit/4a3917176de2df7f33a85511d067f31e50dcc1b
reference_id
reference_type
scores
url	https://github.com/apache/struts/commit/4a3917176de2df7f33a85511d067f31e50dcc1b

reference_url

https://github.com/apache/struts/commit/6e87474f9ad0549f07dd2c37d50a9ccd0977c6e

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts/commit/6e87474f9ad0549f07dd2c37d50a9ccd0977c6e

reference_url	https://github.com/apache/struts/commit/6efaf900d4ffb7be8a74065af5553bad2389f72
reference_id
reference_type
scores
url	https://github.com/apache/struts/commit/6efaf900d4ffb7be8a74065af5553bad2389f72

reference_url	https://github.com/apache/struts/commit/b3bad5ea44f3fd9edb2cb491192c5900f46d45d
reference_id
reference_type
scores
url	https://github.com/apache/struts/commit/b3bad5ea44f3fd9edb2cb491192c5900f46d45d

reference_url

https://lgtm.com/blog/apache_struts_CVE-2018-11776

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://lgtm.com/blog/apache_struts_CVE-2018-11776

reference_url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E

reference_url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012

reference_url

https://security.netapp.com/advisory/ntap-20180822-0001

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180822-0001

reference_url

https://security.netapp.com/advisory/ntap-20181018-0002

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20181018-0002

reference_url

https://web.archive.org/web/20180822160726/http://www.securityfocus.com/bid/105125

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20180822160726/http://www.securityfocus.com/bid/105125

reference_url

https://web.archive.org/web/20200807025819/http://www.securitytracker.com/id/1041888

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200807025819/http://www.securitytracker.com/id/1041888

reference_url

https://web.archive.org/web/20201208145803/https://securitytracker.com/id/1041547

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201208145803/https://securitytracker.com/id/1041547

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-11776

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-11776

reference_url

https://www.exploit-db.com/exploits/45260

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/45260

reference_url

https://www.exploit-db.com/exploits/45262

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/45262

reference_url

https://www.exploit-db.com/exploits/45367

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/45367

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt

reference_url

http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url

http://www.securityfocus.com/bid/105125

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.securityfocus.com/bid/105125

reference_url

http://www.securitytracker.com/id/1041547

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.securitytracker.com/id/1041547

reference_url

http://www.securitytracker.com/id/1041888

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

http://www.securitytracker.com/id/1041888

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1620019
reference_id	1620019
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1620019

reference_url

https://www.exploit-db.com/exploits/45260/

reference_id

45260

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://www.exploit-db.com/exploits/45260/

reference_url

https://www.exploit-db.com/exploits/45262/

reference_id

45262

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://www.exploit-db.com/exploits/45262/

reference_url

https://www.exploit-db.com/exploits/45367/

reference_id

45367

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://www.exploit-db.com/exploits/45367/

reference_url	https://github.com/hook-s3c/CVE-2018-11776-Python-PoC/blob/343bf070cc8649803ea865bd64543234fec1a4f6/exploitS2-057-cmd.py
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://github.com/hook-s3c/CVE-2018-11776-Python-PoC/blob/343bf070cc8649803ea865bd64543234fec1a4f6/exploitS2-057-cmd.py

reference_url	https://github.com/mazen160/struts-pwn_CVE-2018-11776/blob/ffaefa75242315913a8f695b6d5eab8b6143794d/struts-pwn.py
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://github.com/mazen160/struts-pwn_CVE-2018-11776/blob/ffaefa75242315913a8f695b6d5eab8b6143794d/struts-pwn.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45260.py
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45260.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/45262.py
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/45262.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/45367.rb
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/45367.rb

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-11776

reference_id

CVE-2018-11776

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11776

reference_url	https://raw.githubusercontent.com/rapid7/metasploit-framework/718aaca0f4a25827695d643568beaa784ff21518/modules/exploits/multi/http/struts2_namespace_ognl.rb
reference_id	CVE-2018-11776
reference_type	exploit
scores
url	https://raw.githubusercontent.com/rapid7/metasploit-framework/718aaca0f4a25827695d643568beaa784ff21518/modules/exploits/multi/http/struts2_namespace_ognl.rb

reference_url

https://github.com/hook-s3c/CVE-2018-11776-Python-PoC

reference_id

CVE-2018-11776-PYTHON-POC

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://github.com/hook-s3c/CVE-2018-11776-Python-PoC

reference_url

https://github.com/advisories/GHSA-cr6j-3jp9-rw65

reference_id

GHSA-cr6j-3jp9-rw65

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cr6j-3jp9-rw65

reference_url

https://security.netapp.com/advisory/ntap-20180822-0001/

reference_id

ntap-20180822-0001

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:01:33Z/

url

https://security.netapp.com/advisory/ntap-20180822-0001/

fixed_packages

url pkg:maven/org.apache.struts/struts2-core@2.3.35

purl pkg:maven/org.apache.struts/struts2-core@2.3.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.35

url pkg:maven/org.apache.struts/struts2-core@2.5.17

purl pkg:maven/org.apache.struts/struts2-core@2.5.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.17

aliases CVE-2018-11776, GHSA-cr6j-3jp9-rw65

risk_score 10.0

exploitability 2.0

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cm62-bsdz-yye2

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.4

Package Instance