netbird/advisory-database
0
0
Fork 0
mirror of https://github.com/netbirdio/advisory-database.git synced 2026-05-22 18:04:22 -07:00
Code Issues Packages Projects Releases Wiki Activity

Publish GHSA-gg9m-fj3v-r58c

Browse Source
This commit is contained in:
advisory-database[bot]
2025-02-07 17:43:51 +00:00
parent aba064242c
commit 448698863a
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
advisories/github-reviewed/2018/10/GHSA-gg9m-fj3v-r58c/GHSA-gg9m-fj3v-r58c.json
+3 -3
View File
@@ -1,13 +1,13 @@
{
"schema_version": "1.4.0",
"id": "GHSA-gg9m-fj3v-r58c",
"modified": "2024-07-25T20:17:38Z",
"modified": "2025-02-07T17:42:07Z",
"published": "2018-10-16T19:37:56Z",
"aliases": [
"CVE-2017-9805"
],
"summary": "REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering",
"details": "The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.",
"details": "The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.",
"severity": [
{
"type": "CVSS_V3",
@@ -25,7 +25,7 @@
"type": "ECOSYSTEM",
"events": [
{
"introduced": "2.1.2"
"introduced": "2.1.1"
},
{
"fixed": "2.3.34"