Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.struts/struts-core@1.3.10
Typemaven
Namespaceorg.apache.struts
Namestruts-core
Version1.3.10
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-dk2f-14xj-9bf8
vulnerability_id VCID-dk2f-14xj-9bf8
summary 
Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory (OOM) owing to no sanity limit on normal form fields in multipart forms. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to an OOM if developer has set struts.multipart.maxSize to a value equal or greater than the available memory.

Upgrade to Struts 2.5.31 or 6.1.2.1 or greater
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-34396
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.30194
published_at 2026-04-09T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.30281
published_at 2026-04-04T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.30232
published_at 2026-04-02T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.30099
published_at 2026-04-07T12:55:00Z
4
value 0.00115
scoring_system epss
scoring_elements 0.30159
published_at 2026-04-08T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31376
published_at 2026-04-21T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31428
published_at 2026-04-12T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.3147
published_at 2026-04-11T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31404
published_at 2026-04-18T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31425
published_at 2026-04-16T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31391
published_at 2026-04-13T12:55:00Z
11
value 0.00123
scoring_system epss
scoring_elements 0.31004
published_at 2026-04-29T12:55:00Z
12
value 0.00123
scoring_system epss
scoring_elements 0.31083
published_at 2026-04-26T12:55:00Z
13
value 0.00123
scoring_system epss
scoring_elements 0.31207
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-34396
1
reference_url https://cwiki.apache.org/confluence/display/WW/S2-064
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:04:35Z/
url https://cwiki.apache.org/confluence/display/WW/S2-064
2
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
3
reference_url https://github.com/apache/struts/commit/2d6f1bc0a6f5ac575a56784ac6461816b67c4f21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/commit/2d6f1bc0a6f5ac575a56784ac6461816b67c4f21
4
reference_url https://github.com/apache/struts/releases/tag/STRUTS_2_5_31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/releases/tag/STRUTS_2_5_31
5
reference_url https://github.com/apache/struts/releases/tag/STRUTS_6_1_2_1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts/releases/tag/STRUTS_6_1_2_1
6
reference_url https://security.netapp.com/advisory/ntap-20230706-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230706-0005
7
reference_url http://www.openwall.com/lists/oss-security/2023/06/14/3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:04:35Z/
url http://www.openwall.com/lists/oss-security/2023/06/14/3
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-34396
reference_id CVE-2023-34396
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-34396
9
reference_url https://github.com/advisories/GHSA-4g42-gqrg-4633
reference_id GHSA-4g42-gqrg-4633
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4g42-gqrg-4633
10
reference_url https://security.netapp.com/advisory/ntap-20230706-0005/
reference_id ntap-20230706-0005
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T14:04:35Z/
url https://security.netapp.com/advisory/ntap-20230706-0005/
fixed_packages
aliases CVE-2023-34396, GHSA-4g42-gqrg-4633
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk2f-14xj-9bf8
1
url VCID-g2gb-x2nh-2bgz
vulnerability_id VCID-g2gb-x2nh-2bgz
summary 
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to `struts-examples/upload/upload-submit.do`, or the message parameter to (2) `struts-cookbook/processSimple.do` or (3) `struts-cookbook/processDyna.do`.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1007.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1007
reference_id
reference_type
scores
0
value 0.23022
scoring_system epss
scoring_elements 0.95931
published_at 2026-04-29T12:55:00Z
1
value 0.23022
scoring_system epss
scoring_elements 0.95923
published_at 2026-04-16T12:55:00Z
2
value 0.23022
scoring_system epss
scoring_elements 0.95928
published_at 2026-04-18T12:55:00Z
3
value 0.23022
scoring_system epss
scoring_elements 0.9593
published_at 2026-04-26T12:55:00Z
4
value 0.23022
scoring_system epss
scoring_elements 0.95874
published_at 2026-04-01T12:55:00Z
5
value 0.23022
scoring_system epss
scoring_elements 0.95882
published_at 2026-04-02T12:55:00Z
6
value 0.23022
scoring_system epss
scoring_elements 0.95891
published_at 2026-04-04T12:55:00Z
7
value 0.23022
scoring_system epss
scoring_elements 0.95894
published_at 2026-04-07T12:55:00Z
8
value 0.23022
scoring_system epss
scoring_elements 0.95903
published_at 2026-04-08T12:55:00Z
9
value 0.23022
scoring_system epss
scoring_elements 0.95906
published_at 2026-04-09T12:55:00Z
10
value 0.23022
scoring_system epss
scoring_elements 0.9591
published_at 2026-04-11T12:55:00Z
11
value 0.23022
scoring_system epss
scoring_elements 0.95909
published_at 2026-04-12T12:55:00Z
12
value 0.23022
scoring_system epss
scoring_elements 0.95911
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1007
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/73052
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/73052
3
reference_url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1007
reference_id
reference_type
scores
url https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1007
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=788286
reference_id 788286
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=788286
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1007
reference_id CVE-2012-1007
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1007
6
reference_url https://github.com/advisories/GHSA-9848-v244-962p
reference_id GHSA-9848-v244-962p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9848-v244-962p
fixed_packages
aliases CVE-2012-1007, GHSA-9848-v244-962p
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2gb-x2nh-2bgz
2
url VCID-ppuk-knqn-tfc6
vulnerability_id VCID-ppuk-knqn-tfc6
summary ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.
references
0
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2016-000097
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2016-000097
1
reference_url http://jvn.jp/en/jp/JVN65044642/index.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN65044642/index.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1182.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1182.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1182
reference_id
reference_type
scores
0
value 0.01805
scoring_system epss
scoring_elements 0.82852
published_at 2026-04-21T12:55:00Z
1
value 0.01805
scoring_system epss
scoring_elements 0.82849
published_at 2026-04-18T12:55:00Z
2
value 0.01805
scoring_system epss
scoring_elements 0.8285
published_at 2026-04-16T12:55:00Z
3
value 0.01805
scoring_system epss
scoring_elements 0.82811
published_at 2026-04-13T12:55:00Z
4
value 0.01805
scoring_system epss
scoring_elements 0.82816
published_at 2026-04-12T12:55:00Z
5
value 0.01805
scoring_system epss
scoring_elements 0.8282
published_at 2026-04-11T12:55:00Z
6
value 0.01805
scoring_system epss
scoring_elements 0.82804
published_at 2026-04-09T12:55:00Z
7
value 0.01805
scoring_system epss
scoring_elements 0.82798
published_at 2026-04-08T12:55:00Z
8
value 0.01805
scoring_system epss
scoring_elements 0.82772
published_at 2026-04-07T12:55:00Z
9
value 0.01805
scoring_system epss
scoring_elements 0.82775
published_at 2026-04-04T12:55:00Z
10
value 0.01805
scoring_system epss
scoring_elements 0.82762
published_at 2026-04-02T12:55:00Z
11
value 0.01805
scoring_system epss
scoring_elements 0.82746
published_at 2026-04-01T12:55:00Z
12
value 0.01805
scoring_system epss
scoring_elements 0.82874
published_at 2026-04-24T12:55:00Z
13
value 0.01805
scoring_system epss
scoring_elements 0.82883
published_at 2026-04-26T12:55:00Z
14
value 0.01805
scoring_system epss
scoring_elements 0.82888
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1182
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1343540
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1343540
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
7
reference_url https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
8
reference_url https://security.netapp.com/advisory/ntap-20180629-0006
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180629-0006
9
reference_url https://security.netapp.com/advisory/ntap-20180629-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180629-0006/
10
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
11
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
12
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
13
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
14
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
15
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
16
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
17
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
18
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
19
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
20
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
21
reference_url http://www.securityfocus.com/bid/91067
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91067
22
reference_url http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91787
23
reference_url http://www.securitytracker.com/id/1036056
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036056
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1182
reference_id CVE-2016-1182
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:P
1
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
2
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1182
53
reference_url https://security-tracker.debian.org/tracker/CVE-2016-1182
reference_id CVE-2016-1182
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2016-1182
54
reference_url https://github.com/advisories/GHSA-5ggr-mpgw-3mgx
reference_id GHSA-5ggr-mpgw-3mgx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5ggr-mpgw-3mgx
fixed_packages
aliases CVE-2016-1182, GHSA-5ggr-mpgw-3mgx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppuk-knqn-tfc6
3
url VCID-s3uq-35pj-byhy
vulnerability_id VCID-s3uq-35pj-byhy
summary The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.
references
0
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2015-000042
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2015-000042
1
reference_url http://jvn.jp/en/jp/JVN86448949/index.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN86448949/index.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0899.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0899.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0899
reference_id
reference_type
scores
0
value 0.69459
scoring_system epss
scoring_elements 0.98656
published_at 2026-04-16T12:55:00Z
1
value 0.69459
scoring_system epss
scoring_elements 0.98653
published_at 2026-04-13T12:55:00Z
2
value 0.69459
scoring_system epss
scoring_elements 0.98651
published_at 2026-04-12T12:55:00Z
3
value 0.69459
scoring_system epss
scoring_elements 0.9864
published_at 2026-04-02T12:55:00Z
4
value 0.69459
scoring_system epss
scoring_elements 0.98662
published_at 2026-04-29T12:55:00Z
5
value 0.69459
scoring_system epss
scoring_elements 0.98661
published_at 2026-04-24T12:55:00Z
6
value 0.69459
scoring_system epss
scoring_elements 0.98658
published_at 2026-04-21T12:55:00Z
7
value 0.69459
scoring_system epss
scoring_elements 0.98647
published_at 2026-04-08T12:55:00Z
8
value 0.69459
scoring_system epss
scoring_elements 0.98639
published_at 2026-04-01T12:55:00Z
9
value 0.69459
scoring_system epss
scoring_elements 0.98646
published_at 2026-04-07T12:55:00Z
10
value 0.69459
scoring_system epss
scoring_elements 0.98643
published_at 2026-04-04T12:55:00Z
11
value 0.69459
scoring_system epss
scoring_elements 0.98648
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0899
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0899
5
reference_url https://en.osdn.jp/projects/terasoluna/wiki/StrutsPatch2-EN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://en.osdn.jp/projects/terasoluna/wiki/StrutsPatch2-EN
6
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
7
reference_url https://github.com/kawasima/struts1-forever/commit/212bb0f7c57617b7b9c44cb1e056bd1e597c8e16
reference_id
reference_type
scores
url https://github.com/kawasima/struts1-forever/commit/212bb0f7c57617b7b9c44cb1e056bd1e597c8e16
8
reference_url https://security.netapp.com/advisory/ntap-20180629-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180629-0006
9
reference_url https://security.netapp.com/advisory/ntap-20180629-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180629-0006/
10
reference_url http://www.debian.org/security/2016/dsa-3536
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3536
11
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
12
reference_url http://www.securityfocus.com/bid/74423
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/74423
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1207099
reference_id 1207099
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1207099
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0899
reference_id CVE-2015-0899
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0899
32
reference_url https://github.com/advisories/GHSA-cvvx-r33m-v7pq
reference_id GHSA-cvvx-r33m-v7pq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvvx-r33m-v7pq
fixed_packages
aliases CVE-2015-0899, GHSA-cvvx-r33m-v7pq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3uq-35pj-byhy
4
url VCID-wqjz-93pk-pbg7
vulnerability_id VCID-wqjz-93pk-pbg7
summary ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
references
0
reference_url http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096
1
reference_url http://jvn.jp/en/jp/JVN03188560/index.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://jvn.jp/en/jp/JVN03188560/index.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1181.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1181.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1181
reference_id
reference_type
scores
0
value 0.09394
scoring_system epss
scoring_elements 0.92801
published_at 2026-04-21T12:55:00Z
1
value 0.09394
scoring_system epss
scoring_elements 0.92797
published_at 2026-04-18T12:55:00Z
2
value 0.09394
scoring_system epss
scoring_elements 0.92796
published_at 2026-04-16T12:55:00Z
3
value 0.09394
scoring_system epss
scoring_elements 0.92786
published_at 2026-04-13T12:55:00Z
4
value 0.09394
scoring_system epss
scoring_elements 0.92787
published_at 2026-04-11T12:55:00Z
5
value 0.09394
scoring_system epss
scoring_elements 0.92782
published_at 2026-04-09T12:55:00Z
6
value 0.09394
scoring_system epss
scoring_elements 0.92777
published_at 2026-04-08T12:55:00Z
7
value 0.09394
scoring_system epss
scoring_elements 0.92768
published_at 2026-04-07T12:55:00Z
8
value 0.09394
scoring_system epss
scoring_elements 0.9277
published_at 2026-04-04T12:55:00Z
9
value 0.09394
scoring_system epss
scoring_elements 0.92766
published_at 2026-04-02T12:55:00Z
10
value 0.09394
scoring_system epss
scoring_elements 0.92759
published_at 2026-04-01T12:55:00Z
11
value 0.09394
scoring_system epss
scoring_elements 0.92807
published_at 2026-04-24T12:55:00Z
12
value 0.09394
scoring_system epss
scoring_elements 0.92808
published_at 2026-04-26T12:55:00Z
13
value 0.09394
scoring_system epss
scoring_elements 0.92804
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1181
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1343538
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1343538
5
reference_url https://github.com/apache/struts
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/struts
6
reference_url https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8
7
reference_url https://security.netapp.com/advisory/ntap-20180629-0006
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20180629-0006
8
reference_url https://security.netapp.com/advisory/ntap-20180629-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180629-0006/
9
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
10
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
11
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
12
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
13
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
14
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
15
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
16
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
17
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
18
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
19
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
20
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
21
reference_url http://www.securityfocus.com/bid/91068
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91068
22
reference_url http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91787
23
reference_url http://www.securitytracker.com/id/1036056
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036056
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1181
reference_id CVE-2016-1181
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-1181
58
reference_url https://security-tracker.debian.org/tracker/CVE-2016-1181
reference_id CVE-2016-1181
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2016-1181
59
reference_url https://github.com/advisories/GHSA-7jw3-5q4w-89qg
reference_id GHSA-7jw3-5q4w-89qg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7jw3-5q4w-89qg
fixed_packages
aliases CVE-2016-1181, GHSA-7jw3-5q4w-89qg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqjz-93pk-pbg7
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts-core@1.3.10