VulnerableCode Package Details - pkg:rpm/redhat/struts@1.2.9-4jpp.8?arch=el5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/struts@1.2.9-4jpp.8?arch=el5_10

purl	pkg:rpm/redhat/struts@1.2.9-4jpp.8?arch=el5_10

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-nur4-1g8a-57ew Aliases: CVE-2014-0114 GHSA-p66x-2cv9-qq3v	Improper Input Validation Apache Commons BeanUtils does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the `ActionForm` object in Struts	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:48:17.375790+00:00	RedHat Importer	Affected by	VCID-nur4-1g8a-57ew	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0114.json	38.0.0