Search for packages
| purl | pkg:maven/org.apache.struts/struts2-core@2.3.5 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-579w-2k2v-efa2
Aliases: CVE-2017-12611 GHSA-8fx9-5hx8-crhm |
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. |
Affected by 25 other vulnerabilities. Affected by 13 other vulnerabilities. Affected by 17 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 14 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:47:20.720027+00:00 | GitLab Importer | Affected by | VCID-579w-2k2v-efa2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.struts/struts2-core/CVE-2017-12611.yml | 38.0.0 |