Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-m8m6-6vje-wbgu

Summary

DoS vulnerability
The REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

Aliases

alias	CVE-2017-15707

alias	GHSA-xcrm-qpp8-hcw4

Fixed_packages

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.16

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.16

Affected_packages

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.35

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.35

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.36

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.36

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.36

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.37

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.37

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.37

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5-BETA3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.6

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.6

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.7

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.7

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.8

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.8

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.12

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.12

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.3

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.3

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-npge-yn8z-6fac

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.29

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.29

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.30

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.30

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.30

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.31

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.31

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.32

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.32

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.33

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.33

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.33

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.34

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.34

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.2

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.2

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.5

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.5

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.8

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.8

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10.1

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10.1

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.12

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2f37-y2q9-e7h4

vulnerability	VCID-ceb4-v9ww-rkfn

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.12

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.13

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.13

url pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14

purl pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dj42-wym9-nbhv

vulnerability	VCID-m8m6-6vje-wbgu

vulnerability	VCID-nztp-y8p8-cqc6

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.14

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15707.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15707

reference_id

reference_type

scores

value	0.01534
scoring_system	epss
scoring_elements	0.81655
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15707

reference_url

https://cwiki.apache.org/confluence/display/WW/S2-054

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://cwiki.apache.org/confluence/display/WW/S2-054

reference_url

https://github.com/advisories/GHSA-xcrm-qpp8-hcw4

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-xcrm-qpp8-hcw4

reference_url

https://security.netapp.com/advisory/ntap-20171214-0001

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20171214-0001

reference_url	https://security.netapp.com/advisory/ntap-20171214-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20171214-0001/

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

http://www.securityfocus.com/bid/102021

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/102021

reference_url

http://www.securitytracker.com/id/1039946

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securitytracker.com/id/1039946

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1522794
reference_id	1522794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1522794

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15707

reference_id

CVE-2017-15707

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15707

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 4.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m8m6-6vje-wbgu

Vulnerability Instance