VulnerableCode Package Details - pkg:maven/com.opensymphony/xwork@2.1.2-SNAPSHOT

Search for packages

Vulnerability	Summary	Fixed by
VCID-tgd1-s1yg-9fdt Aliases: CVE-2025-68493 GHSA-qcfc-hmrc-59x7	Apache Struts 2 is Missing XML Validation Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-tgd1-s1yg-9fdt
Aliases:
CVE-2025-68493
GHSA-qcfc-hmrc-59x7

Apache Struts 2 is Missing XML Validation Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-u5zn-2jp1-97h2	Improper Input Validation Remote attackers could execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a `#` representation for the `#` character.	CVE-2008-6504 GHSA-wxw2-2mx5-c5qf

Vulnerability

Summary

Aliases

VCID-u5zn-2jp1-97h2

Improper Input Validation Remote attackers could execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a `#` representation for the `#` character.

CVE-2008-6504
GHSA-wxw2-2mx5-c5qf

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-17T00:07:16.502705+00:00	GitLab Importer	Affected by	VCID-tgd1-s1yg-9fdt	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2025-68493.yml	38.4.0
2026-04-16T20:29:50.505576+00:00	GitLab Importer	Fixing	VCID-u5zn-2jp1-97h2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2008-6504.yml	38.4.0
2026-04-12T01:30:42.775666+00:00	GitLab Importer	Affected by	VCID-tgd1-s1yg-9fdt	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2025-68493.yml	38.3.0
2026-04-11T21:40:22.922779+00:00	GitLab Importer	Fixing	VCID-u5zn-2jp1-97h2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2008-6504.yml	38.3.0
2026-04-03T01:39:32.429236+00:00	GitLab Importer	Affected by	VCID-tgd1-s1yg-9fdt	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2025-68493.yml	38.1.0
2026-04-02T21:54:24.105775+00:00	GitLab Importer	Fixing	VCID-u5zn-2jp1-97h2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2008-6504.yml	38.1.0
2026-04-01T16:11:46.496800+00:00	GitLab Importer	Fixing	VCID-u5zn-2jp1-97h2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.opensymphony/xwork/CVE-2008-6504.yml	38.0.0