Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nmgp-r7hb-5ke1

Summary The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.

Aliases

alias	CVE-2012-0391

alias	GHSA-4wrr-9h5r-m92w

Fixed_packages

url pkg:maven/org.apache.struts/struts2-core@2.2.3.1

purl pkg:maven/org.apache.struts/struts2-core@2.2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.2.3.1

url pkg:maven/org.apache.struts/struts2-parent@2.2.3.1

purl pkg:maven/org.apache.struts/struts2-parent@2.2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.2.3.1

url pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3.1

purl pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-p9xh-frm5-8ucp

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-ufcq-57q9-53c7

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3.1

Affected_packages

url pkg:maven/org.apache.struts/struts2-core@2.0.5

purl pkg:maven/org.apache.struts/struts2-core@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-skbn-jggt-uffg

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.5

url pkg:maven/org.apache.struts/struts2-core@2.0.6

purl pkg:maven/org.apache.struts/struts2-core@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-skbn-jggt-uffg

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.6

url pkg:maven/org.apache.struts/struts2-core@2.0.8

purl pkg:maven/org.apache.struts/struts2-core@2.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-skbn-jggt-uffg

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.8

url pkg:maven/org.apache.struts/struts2-core@2.0.9

purl pkg:maven/org.apache.struts/struts2-core@2.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-skbn-jggt-uffg

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.9

url pkg:maven/org.apache.struts/struts2-core@2.0.11

purl pkg:maven/org.apache.struts/struts2-core@2.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-skbn-jggt-uffg

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11

url pkg:maven/org.apache.struts/struts2-core@2.0.11.1

purl pkg:maven/org.apache.struts/struts2-core@2.0.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11.1

url pkg:maven/org.apache.struts/struts2-core@2.0.11.2

purl pkg:maven/org.apache.struts/struts2-core@2.0.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.11.2

url pkg:maven/org.apache.struts/struts2-core@2.0.12

purl pkg:maven/org.apache.struts/struts2-core@2.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.12

url pkg:maven/org.apache.struts/struts2-core@2.0.14

purl pkg:maven/org.apache.struts/struts2-core@2.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.0.14

url pkg:maven/org.apache.struts/struts2-core@2.1.2

purl pkg:maven/org.apache.struts/struts2-core@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-d8as-n8hc-j3fj

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.2

url pkg:maven/org.apache.struts/struts2-core@2.1.6

purl pkg:maven/org.apache.struts/struts2-core@2.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.6

url pkg:maven/org.apache.struts/struts2-core@2.1.8

purl pkg:maven/org.apache.struts/struts2-core@2.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.8

url pkg:maven/org.apache.struts/struts2-core@2.1.8.1

purl pkg:maven/org.apache.struts/struts2-core@2.1.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-evh9-mua1-2bem

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.1.8.1

url pkg:maven/org.apache.struts/struts2-core@2.2.1

purl pkg:maven/org.apache.struts/struts2-core@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.2.1

url pkg:maven/org.apache.struts/struts2-core@2.2.1.1

purl pkg:maven/org.apache.struts/struts2-core@2.2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-x65e-31g3-77bp

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.2.1.1

url pkg:maven/org.apache.struts/struts2-core@2.2.3

purl pkg:maven/org.apache.struts/struts2-core@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2chz-36wn-9fcv

vulnerability	VCID-2rjv-1thm-dugt

vulnerability	VCID-2v7h-fght-cugn

vulnerability	VCID-3yq7-n972-j7dh

vulnerability	VCID-4agy-6nsx-7ufh

vulnerability	VCID-579w-2k2v-efa2

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-6hrc-fm64-ckhf

vulnerability	VCID-6t1x-s2k2-b7bq

vulnerability	VCID-759g-hsfg-97f8

vulnerability	VCID-79j9-v8gz-rfax

vulnerability	VCID-87fh-rvvb-6ubq

vulnerability	VCID-8bsh-bshc-vkgq

vulnerability	VCID-8mws-fbmg-cqa9

vulnerability	VCID-95ts-vpk6-uubg

vulnerability	VCID-at5c-f8p8-67fh

vulnerability	VCID-b59n-uxft-4qgz

vulnerability	VCID-b7zy-qhz9-tuar

vulnerability	VCID-bgbt-j1n9-6yg5

vulnerability	VCID-cm62-bsdz-yye2

vulnerability	VCID-dk2f-14xj-9bf8

vulnerability	VCID-fv6w-cdtc-kkhx

vulnerability	VCID-gfxq-vtry-bqgg

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-h4yg-zrv6-aqa1

vulnerability	VCID-hgj2-vqzn-gyeb

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-j5su-cnqd-6yad

vulnerability	VCID-k6mz-k1yb-4uej

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-me84-wy85-hkf5

vulnerability	VCID-n2dn-bnjc-13gp

vulnerability	VCID-n4fb-crnk-eugz

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-qqm4-frqy-bua5

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tcaj-6bcg-k7g2

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-vgp6-jxqt-pbf4

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-xz41-1z86-37ew

vulnerability	VCID-y5uq-a6dx-3yd4

vulnerability	VCID-ygbu-vb2t-jqhx

vulnerability	VCID-z1gf-169n-m3af

vulnerability	VCID-zb3c-gnyc-yug8

vulnerability	VCID-zxww-8kb3-tufv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.2.3

url pkg:maven/org.apache.struts/struts2-parent@2.0.5

purl pkg:maven/org.apache.struts/struts2-parent@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.5

url pkg:maven/org.apache.struts/struts2-parent@2.0.6

purl pkg:maven/org.apache.struts/struts2-parent@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.6

url pkg:maven/org.apache.struts/struts2-parent@2.0.8

purl pkg:maven/org.apache.struts/struts2-parent@2.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.8

url pkg:maven/org.apache.struts/struts2-parent@2.0.9

purl pkg:maven/org.apache.struts/struts2-parent@2.0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.9

url pkg:maven/org.apache.struts/struts2-parent@2.0.11

purl pkg:maven/org.apache.struts/struts2-parent@2.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.11

url pkg:maven/org.apache.struts/struts2-parent@2.0.11.1

purl pkg:maven/org.apache.struts/struts2-parent@2.0.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.11.1

url pkg:maven/org.apache.struts/struts2-parent@2.0.11.2

purl pkg:maven/org.apache.struts/struts2-parent@2.0.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.11.2

url pkg:maven/org.apache.struts/struts2-parent@2.0.12

purl pkg:maven/org.apache.struts/struts2-parent@2.0.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.12

url pkg:maven/org.apache.struts/struts2-parent@2.0.14

purl pkg:maven/org.apache.struts/struts2-parent@2.0.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.0.14

url pkg:maven/org.apache.struts/struts2-parent@2.1.2

purl pkg:maven/org.apache.struts/struts2-parent@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.1.2

url pkg:maven/org.apache.struts/struts2-parent@2.1.6

purl pkg:maven/org.apache.struts/struts2-parent@2.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.1.6

url pkg:maven/org.apache.struts/struts2-parent@2.1.8

purl pkg:maven/org.apache.struts/struts2-parent@2.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.1.8

url pkg:maven/org.apache.struts/struts2-parent@2.1.8.1

purl pkg:maven/org.apache.struts/struts2-parent@2.1.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.1.8.1

url pkg:maven/org.apache.struts/struts2-parent@2.2.1

purl pkg:maven/org.apache.struts/struts2-parent@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.2.1

url pkg:maven/org.apache.struts/struts2-parent@2.2.1.1

purl pkg:maven/org.apache.struts/struts2-parent@2.2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4bqg-76fv-3kcd

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.2.1.1

url pkg:maven/org.apache.struts/struts2-parent@2.2.3

purl pkg:maven/org.apache.struts/struts2-parent@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-c4ag-2wfu-53ew

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-tcaj-6bcg-k7g2

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-parent@2.2.3

url pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1

purl pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-fu4h-rp1z-83eq

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-p9xh-frm5-8ucp

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-ufcq-57q9-53c7

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-z1gf-169n-m3af

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1

url pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1.1

purl pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-fu4h-rp1z-83eq

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-p9xh-frm5-8ucp

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-ufcq-57q9-53c7

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-z1gf-169n-m3af

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts.xwork/xwork-core@2.2.1.1

url pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3

purl pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6241-shkt-s7ew

vulnerability	VCID-gv5f-auvz-5fda

vulnerability	VCID-hkjh-35ye-1ugj

vulnerability	VCID-kdsa-599r-eud7

vulnerability	VCID-nmgp-r7hb-5ke1

vulnerability	VCID-p9xh-frm5-8ucp

vulnerability	VCID-q96z-v3bs-k3dg

vulnerability	VCID-r28t-sdc5-kbga

vulnerability	VCID-tgd1-s1yg-9fdt

vulnerability	VCID-ufcq-57q9-53c7

vulnerability	VCID-vkb9-11h4-dugp

vulnerability	VCID-vnkw-9fa2-zqcm

vulnerability	VCID-z1gf-169n-m3af

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts.xwork/xwork-core@2.2.3

References

reference_url

http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0391.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0391.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0391

reference_id

reference_type

scores

value	0.88319
scoring_system	epss
scoring_elements	0.99499
published_at	2026-04-21T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99495
published_at	2026-04-12T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99494
published_at	2026-04-13T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99493
published_at	2026-04-09T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99492
published_at	2026-04-07T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99498
published_at	2026-04-18T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.9949
published_at	2026-04-04T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99488
published_at	2026-04-02T12:55:00Z

value	0.88319
scoring_system	epss
scoring_elements	0.99497
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0391

reference_url

https://github.com/apache/struts

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts

reference_url

https://github.com/apache/struts/commit/25e50069d60434a30395e3a98357ffba2bed427e

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts/commit/25e50069d60434a30395e3a98357ffba2bed427e

reference_url

https://github.com/apache/struts/commit/5f54b8d087f5125d96838aafa5f64c2190e6885b

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts/commit/5f54b8d087f5125d96838aafa5f64c2190e6885b

reference_url

https://github.com/apache/struts/commit/b4265d369dc29d57a9f2846a85b26598e83f3892

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/struts/commit/b4265d369dc29d57a9f2846a85b26598e83f3892

reference_url

https://issues.apache.org/jira/browse/WW-3668

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

https://issues.apache.org/jira/browse/WW-3668

reference_url

http://struts.apache.org/2.x/docs/s2-008.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

http://struts.apache.org/2.x/docs/s2-008.html

reference_url

http://struts.apache.org/2.x/docs/version-notes-2311.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

http://struts.apache.org/2.x/docs/version-notes-2311.html

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0391

reference_id

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0391

reference_url

https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt

reference_url

http://www.exploit-db.com/exploits/18329

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

http://www.exploit-db.com/exploits/18329

reference_url

http://secunia.com/advisories/47393

reference_id

47393

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T20:07:52Z/

url

http://secunia.com/advisories/47393

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=773159
reference_id	773159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=773159

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-0391

reference_id

CVE-2012-0391

reference_type

scores

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-0391

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18984.rb
reference_id	CVE-2012-0391;OSVDB-78277
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18984.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/18329.txt
reference_id	CVE-2012-0394;CVE-2012-0393;CVE-2012-0392;CVE-2012-0391;OSVDB-78277;OSVDB-78276;OSVDB-78109;OSVDB-78108
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/18329.txt

reference_url

https://github.com/advisories/GHSA-4wrr-9h5r-m92w

reference_id

GHSA-4wrr-9h5r-m92w

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4wrr-9h5r-m92w

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	94
name	Improper Control of Generation of Code ('Code Injection')
description	The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	78
name	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
description	The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Exploits

date_added	`null`
description	This module exploits a remote command execution vulnerability in Apache Struts versions < 2.2.1.1. This issue is caused because the ExceptionDelegator interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
required_action	`null`
due_date	`null`
notes	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
known_ransomware_campaign_use	`false`
source_date_published	2012-01-06
exploit_type	`null`
platform	Java,Linux,Windows
source_date_updated	`null`
data_source	Metasploit
source_url	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb

date_added	2022-01-21
description	The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
required_action	Apply updates per vendor instructions.
due_date	2022-07-21
notes	https://nvd.nist.gov/vuln/detail/CVE-2012-0391
known_ransomware_campaign_use	`false`
source_date_published	`null`
exploit_type	`null`
platform	`null`
source_date_updated	`null`
data_source	KEV
source_url	`null`

date_added	2012-01-06
description	Apache Struts 2 < 2.3.1 - Multiple Vulnerabilities
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2012-01-06
exploit_type	webapps
platform	multiple
source_date_updated	2017-03-10
data_source	Exploit-DB
source_url

Severity_range_score 9.0 - 10.0

Exploitability 2.0

Weighted_severity 9.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmgp-r7hb-5ke1

Vulnerability Instance