{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4833?format=json","vulnerability_id":"VCID-t1v1-vm43-sfhg","summary":"The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.","aliases":[{"alias":"CVE-2017-9805"},{"alias":"GHSA-gg9m-fj3v-r58c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/24695?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.3.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.34"},{"url":"http://public2.vulnerablecode.io/api/packages/24696?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.5.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3yq7-n972-j7dh"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-87fh-rvvb-6ubq"},{"vulnerability":"VCID-95ts-vpk6-uubg"},{"vulnerability":"VCID-b7zy-qhz9-tuar"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-cm62-bsdz-yye2"},{"vulnerability":"VCID-dk2f-14xj-9bf8"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-tgd1-s1yg-9fdt"},{"vulnerability":"VCID-y5uq-a6dx-3yd4"},{"vulnerability":"VCID-zxww-8kb3-tufv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.13"},{"url":"http://public2.vulnerablecode.io/api/packages/24747?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.34"},{"url":"http://public2.vulnerablecode.io/api/packages/24748?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.13"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27182?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166497?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/166498?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/166499?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8"},{"url":"http://public2.vulnerablecode.io/api/packages/166500?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.1.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166501?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166502?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166503?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/166504?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166505?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166506?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/166507?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/166508?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/166509?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/166510?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/24729?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/164569?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/164570?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/164571?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14"},{"url":"http://public2.vulnerablecode.io/api/packages/164572?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/164573?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.2"},{"url":"http://public2.vulnerablecode.io/api/packages/24730?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.14.3"},{"url":"http://public2.vulnerablecode.io/api/packages/24731?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15"},{"url":"http://public2.vulnerablecode.io/api/packages/164574?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-b59n-uxft-4qgz"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.1"},{"url":"http://public2.vulnerablecode.io/api/packages/82378?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.2"},{"url":"http://public2.vulnerablecode.io/api/packages/24732?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.15.3"},{"url":"http://public2.vulnerablecode.io/api/packages/24733?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/164575?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.1"},{"url":"http://public2.vulnerablecode.io/api/packages/164576?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.2"},{"url":"http://public2.vulnerablecode.io/api/packages/24734?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.16.3"},{"url":"http://public2.vulnerablecode.io/api/packages/22625?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20"},{"url":"http://public2.vulnerablecode.io/api/packages/22626?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22627?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.20.3"},{"url":"http://public2.vulnerablecode.io/api/packages/22628?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24"},{"url":"http://public2.vulnerablecode.io/api/packages/22629?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.1"},{"url":"http://public2.vulnerablecode.io/api/packages/22630?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.24.3"},{"url":"http://public2.vulnerablecode.io/api/packages/22631?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"},{"vulnerability":"VCID-vgp6-jxqt-pbf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28"},{"url":"http://public2.vulnerablecode.io/api/packages/22632?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.28.1"},{"url":"http://public2.vulnerablecode.io/api/packages/24742?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.29"},{"url":"http://public2.vulnerablecode.io/api/packages/164577?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.30"},{"url":"http://public2.vulnerablecode.io/api/packages/164578?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.31"},{"url":"http://public2.vulnerablecode.io/api/packages/164579?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.32"},{"url":"http://public2.vulnerablecode.io/api/packages/24743?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.3.33"},{"url":"http://public2.vulnerablecode.io/api/packages/31667?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/24744?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/164580?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/164581?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/164582?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/164583?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.8"},{"url":"http://public2.vulnerablecode.io/api/packages/164584?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10"},{"url":"http://public2.vulnerablecode.io/api/packages/24745?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/24746?format=json","purl":"pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-492x-u9pr-auen"},{"vulnerability":"VCID-79j9-v8gz-rfax"},{"vulnerability":"VCID-bgbt-j1n9-6yg5"},{"vulnerability":"VCID-fy9j-w7r2-sugr"},{"vulnerability":"VCID-gfxq-vtry-bqgg"},{"vulnerability":"VCID-hgj2-vqzn-gyeb"},{"vulnerability":"VCID-hpm1-euf1-vff1"},{"vulnerability":"VCID-t1v1-vm43-sfhg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-rest-plugin@2.5.12"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9805.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9805","reference_id":"","reference_type":"","scores":[{"value":"0.94322","scoring_system":"epss","scoring_elements":"0.99953","published_at":"2026-05-16T12:55:00Z"},{"value":"0.94322","scoring_system":"epss","scoring_elements":"0.99951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.94322","scoring_system":"epss","scoring_elements":"0.99952","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9805"},{"reference_url":"https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488482","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488482"},{"reference_url":"https://cwiki.apache.org/confluence/display/WW/S2-052","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://cwiki.apache.org/confluence/display/WW/S2-052"},{"reference_url":"https://github.com/apache/struts","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts"},{"reference_url":"https://github.com/apache/struts/commit/19494718865f2fb7da5ea363de3822f87fbda26","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts/commit/19494718865f2fb7da5ea363de3822f87fbda26"},{"reference_url":"https://github.com/apache/struts/commit/6dd6e5cfb7b5e020abffe7e8091bd63fe97c10a","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/struts/commit/6dd6e5cfb7b5e020abffe7e8091bd63fe97c10a"},{"reference_url":"https://lgtm.com/blog/apache_struts_CVE-2017-9805","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://lgtm.com/blog/apache_struts_CVE-2017-9805"},{"reference_url":"https://security.netapp.com/advisory/ntap-20170907-0001","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20170907-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20170907-0001/","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20170907-0001/"},{"reference_url":"https://struts.apache.org/docs/s2-052.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://struts.apache.org/docs/s2-052.html"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"},{"reference_url":"https://web.archive.org/web/20170909031344/http://www.securityfocus.com/bid/100609","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170909031344/http://www.securityfocus.com/bid/100609"},{"reference_url":"https://web.archive.org/web/20170922053119/http://www.securitytracker.com/id/1039263","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170922053119/http://www.securitytracker.com/id/1039263"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805"},{"reference_url":"https://www.exploit-db.com/exploits/42627","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/42627"},{"reference_url":"https://www.exploit-db.com/exploits/42627/","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://www.exploit-db.com/exploits/42627/"},{"reference_url":"https://www.kb.cert.org/vuls/id/112992","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"https://www.kb.cert.org/vuls/id/112992"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"},{"reference_url":"http://www.securityfocus.com/bid/100609","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"http://www.securityfocus.com/bid/100609"},{"reference_url":"http://www.securitytracker.com/id/1039263","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:07:51Z/"}],"url":"http://www.securitytracker.com/id/1039263"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:10.5\\(1\\):*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:hosted_collaboration_solution:10.5\\(1\\):*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:10.5\\(1\\):*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.0\\(1\\):*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:hosted_collaboration_solution:11.0\\(1\\):*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.0\\(1\\):*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.5\\(1\\):*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:hosted_collaboration_solution:11.5\\(1\\):*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.5\\(1\\):*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.6\\(1\\):*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:hosted_collaboration_solution:11.6\\(1\\):*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:hosted_collaboration_solution:11.6\\(1\\):*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:media_experience_engine:3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:media_experience_engine:3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:media_experience_engine:3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:media_experience_engine:3.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:media_experience_engine:3.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:media_experience_engine:3.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:network_performance_analysis:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:network_performance_analysis:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:network_performance_analysis:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:video_distribution_suite_for_internet_streaming:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:video_distribution_suite_for_internet_streaming:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:video_distribution_suite_for_internet_streaming:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2017-9805","reference_id":"CVE-2017-9805","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2017-9805"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42627.py","reference_id":"CVE-2017-9805","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/42627.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9805","reference_id":"CVE-2017-9805","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9805"},{"reference_url":"https://github.com/advisories/GHSA-gg9m-fj3v-r58c","reference_id":"GHSA-gg9m-fj3v-r58c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gg9m-fj3v-r58c"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":502,"name":"Deserialization of Untrusted Data","description":"The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[{"date_added":"2017-09-07","description":"Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":false,"source_date_published":"2017-09-06","exploit_type":"remote","platform":"linux","source_date_updated":"2019-07-09","data_source":"Exploit-DB","source_url":""},{"date_added":"2021-11-03","description":"Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads.","required_action":"Apply updates per vendor instructions.","due_date":"2022-05-03","notes":"https://nvd.nist.gov/vuln/detail/CVE-2017-9805","known_ransomware_campaign_use":false,"source_date_published":null,"exploit_type":null,"platform":null,"source_date_updated":null,"data_source":"KEV","source_url":null},{"date_added":null,"description":"Apache Struts versions 2.1.2 - 2.3.33 and Struts 2.5 - Struts 2.5.12,\n          using the REST plugin, are vulnerable to a Java deserialization attack\n          in the XStream library.","required_action":null,"due_date":null,"notes":"Reliability:\n  - unknown-reliability\nStability:\n  - unknown-stability\nSideEffects:\n  - unknown-side-effects\n","known_ransomware_campaign_use":false,"source_date_published":"2017-09-05","exploit_type":null,"platform":"Linux,Python,Unix,Windows","source_date_updated":null,"data_source":"Metasploit","source_url":"https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/struts2_rest_xstream.rb"}],"severity_range_score":"6.8 - 8.9","exploitability":"2.0","weighted_severity":"8.0","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1v1-vm43-sfhg"}