cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Max CVSS
7.5
EPSS Score
13.22%
Published
2020-09-14
Updated
2022-04-18
Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors.
Max CVSS
5.3
EPSS Score
2.73%
Published
2016-06-07
Updated
2023-02-12
Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
Max CVSS
5.0
EPSS Score
1.64%
Published
2012-09-05
Updated
2017-08-29
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!