Search for packages
| purl | pkg:rpm/redhat/struts@1.3.10-6.ep5?arch=el6 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ft9h-4567-aueq
Aliases: CVE-2017-7514 |
SAT 5 XSS in the Failed Systems page | There are no reported fixed by versions. |
|
VCID-nur4-1g8a-57ew
Aliases: CVE-2014-0114 GHSA-p66x-2cv9-qq3v |
Improper Input Validation Apache Commons BeanUtils does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the `ActionForm` object in Struts | There are no reported fixed by versions. |
|
VCID-wka4-fqu5-qbeh
Aliases: CVE-2014-7812 |
Spacewalk: XSS in system-group | There are no reported fixed by versions. |
|
VCID-zmqy-v5k5-jbfx
Aliases: CVE-2014-7811 |
Spacewalk: multiple XSS | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:48:17.394522+00:00 | RedHat Importer | Affected by | VCID-nur4-1g8a-57ew | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0114.json | 38.0.0 |
| 2026-04-01T14:44:59.319532+00:00 | RedHat Importer | Affected by | VCID-wka4-fqu5-qbeh | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7812.json | 38.0.0 |
| 2026-04-01T14:44:57.141898+00:00 | RedHat Importer | Affected by | VCID-zmqy-v5k5-jbfx | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7811.json | 38.0.0 |
| 2026-04-01T14:30:05.368012+00:00 | RedHat Importer | Affected by | VCID-ft9h-4567-aueq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7514.json | 38.0.0 |