mvnwar's People
mvnwar's Issues
[DepShield] (CVSS 10.0) Vulnerability due to usage of org.apache.struts:struts2-core:2.3.1
Vulnerabilities
DepShield reports that this application's usage of org.apache.struts:struts2-core:2.3.1 results in the following vulnerability(s):
- (CVSS 10.0) [CVE-2013-4316] null, Improper Access Control
- (CVSS 9.8) [CVE-2017-12611] In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an unintenti...
- (CVSS 9.8) [CVE-2016-4436] Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have uns...
- (CVSS 9.8) [CVE-2016-3082] Improper Input Validation
- (CVSS 9.8) [CVE-2018-11776] Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo...
- (CVSS 9.3) [CVE-2013-2135] Improper Control of Generation of Code ("Code Injection")
- (CVSS 9.3) [CVE-2013-2134] Improper Control of Generation of Code ("Code Injection")
- (CVSS 9.3) [CVE-2013-2251] Improper Input Validation
- (CVSS 9.3) [CVE-2013-2115] Improper Control of Generation of Code ("Code Injection")
- (CVSS 9.3) [CVE-2013-1966] Improper Control of Generation of Code ("Code Injection")
- (CVSS 8.8) [CVE-2016-3090] The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 a...
- (CVSS 8.8) [CVE-2016-0785] Improper Input Validation
- (CVSS 8.8) [CVE-2016-4461] Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary cod...
- (CVSS 8.1) [CVE-2016-3081] Improper Neutralization of Special Elements used in a Command (Command Injection)
- (CVSS 7.5) [CVE-2014-0113] Permissions, Privileges, and Access Controls
- (CVSS 7.5) [CVE-2014-0112] Permissions, Privileges, and Access Controls
- (CVSS 7.5) [CVE-2015-5209] Improper Input Validation
- (CVSS 6.8) [CVE-2014-7809] Cross-Site Request Forgery (CSRF)
- (CVSS 6.8) [CVE-2012-4386] Cross-Site Request Forgery (CSRF)
- (CVSS 6.4) [CVE-2012-0393] Permissions, Privileges, and Access Controls
- (CVSS 6.1) [CVE-2015-5169] Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
- (CVSS 6.1) [CVE-2016-2162] Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")
- (CVSS 6.1) CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- (CVSS 6.1) [CVE-2016-4003] Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")
- (CVSS 5.8) [CVE-2014-0116] Permissions, Privileges, and Access Controls
- (CVSS 5.8) [CVE-2013-2248] Improper Input Validation
- (CVSS 5.8) [CVE-2013-4310] Permissions, Privileges, and Access Controls
- (CVSS 5.3) [CVE-2016-3093] Improper Input Validation
- (CVSS 5.0) [CVE-2012-4387] Permissions, Privileges, and Access Controls
- (CVSS 5.0) [CVE-2014-0094] The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attacke...
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 10.0) Vulnerability due to usage of org.apache.struts:struts2-core:2.5.1
Vulnerabilities
DepShield reports that this application's usage of org.apache.struts:struts2-core:2.5.1 results in the following vulnerability(s):
- (CVSS 10.0) [CVE-2017-5638] Improper Input Validation
- (CVSS 9.8) [CVE-2018-11776] Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo...
- (CVSS 7.5) [CVE-2017-9787] Improper Access Control
- (CVSS 5.9) [CVE-2016-8738] In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a...
- (CVSS 5.9) [CVE-2017-7672] Improper Input Validation
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 9.8) Vulnerability due to usage of commons-fileupload:commons-fileupload:1.3
Vulnerabilities
DepShield reports that this application's usage of commons-fileupload:commons-fileupload:1.3 results in the following vulnerability(s):
- (CVSS 9.8) [CVE-2016-1000031] Improper Access Control
- (CVSS 7.5) [CVE-2014-0050] Permissions, Privileges, and Access Controls
- (CVSS 7.5) [CVE-2016-3092] Improper Input Validation
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 9.8) Vulnerability due to usage of commons-fileupload:commons-fileupload:1.2.2
Vulnerabilities
DepShield reports that this application's usage of commons-fileupload:commons-fileupload:1.2.2 results in the following vulnerability(s):
- (CVSS 9.8) [CVE-2016-1000031] Improper Access Control
- (CVSS 7.5) [CVE-2014-0050] Permissions, Privileges, and Access Controls
- (CVSS 7.5) [CVE-2016-3092] Improper Input Validation
- (CVSS 3.3) [CVE-2013-0248] Permissions, Privileges, and Access Controls
Occurrences
commons-fileupload:commons-fileupload:1.2.2 is a transitive dependency introduced by the following direct dependency(s):
• org.apache.struts:struts2-core:2.3.1
└─ commons-fileupload:commons-fileupload:1.2.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
[DepShield] (CVSS 9.8) Vulnerability due to usage of org.apache.struts:struts2-core:2.5.14
Vulnerabilities
DepShield reports that this application's usage of org.apache.struts:struts2-core:2.5.14 results in the following vulnerability(s):
- (CVSS 9.8) [CVE-2018-11776] Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo...
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 9.3) Vulnerability due to usage of org.apache.struts.xwork:xwork-core:2.3.1
Vulnerabilities
DepShield reports that this application's usage of org.apache.struts.xwork:xwork-core:2.3.1 results in the following vulnerability(s):
- (CVSS 9.3) [CVE-2013-2135] Improper Control of Generation of Code ("Code Injection")
- (CVSS 9.3) [CVE-2013-1966] Improper Control of Generation of Code ("Code Injection")
- (CVSS 9.3) [CVE-2012-0392] Permissions, Privileges, and Access Controls
- (CVSS 8.8) [CVE-2016-0785] Improper Input Validation
- (CVSS 7.5) [CVE-2014-0112] Permissions, Privileges, and Access Controls
- (CVSS 6.8) [CVE-2012-0394] Improper Control of Generation of Code ("Code Injection")
- (CVSS 6.4) [CVE-2012-0393] Permissions, Privileges, and Access Controls
- (CVSS 6.1) [CVE-2016-2162] Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")
- (CVSS 5.3) [CVE-2016-3093] Improper Input Validation
- (CVSS 5.0) [CVE-2012-4387] Permissions, Privileges, and Access Controls
Occurrences
org.apache.struts.xwork:xwork-core:2.3.1 is a transitive dependency introduced by the following direct dependency(s):
• org.apache.struts:struts2-core:2.3.1
└─ org.apache.struts.xwork:xwork-core:2.3.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 10.0) Vulnerability due to usage of org.apache.struts:struts2-core:2.5
Vulnerabilities
DepShield reports that this application's usage of org.apache.struts:struts2-core:2.5 results in the following vulnerability(s):
- (CVSS 10.0) [CVE-2017-5638] Improper Input Validation
- (CVSS 9.8) [CVE-2018-11776] Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo...
- (CVSS 9.8) [CVE-2016-4436] Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have uns...
- (CVSS 9.8) [CVE-2017-12611] In Apache Struts 2.0.1 through 2.3.33 and 2.5 through 2.5.10, using an unintenti...
- (CVSS 7.5) [CVE-2017-9787] Improper Access Control
- (CVSS 7.5) [CVE-2017-9793] The REST Plugin in Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is ...
- (CVSS 7.5) [CVE-2017-9804] In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application ...
- (CVSS 5.9) [CVE-2016-8738] In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a...
- (CVSS 5.9) [CVE-2017-7672] Improper Input Validation
- (CVSS 5.3) [CVE-2016-4465] Improper Input Validation
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of maven build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 9.8) Vulnerability due to usage of commons-fileupload:commons-fileupload:1.3.1
Vulnerabilities
DepShield reports that this application's usage of commons-fileupload:commons-fileupload:1.3.1 results in the following vulnerability(s):
- (CVSS 9.8) [CVE-2016-1000031] Improper Access Control
- (CVSS 7.5) [CVE-2016-3092] Improper Input Validation
Occurrences
commons-fileupload:commons-fileupload:1.3.1 is a transitive dependency introduced by the following direct dependency(s):
• org.apache.struts:struts2-core:2.5
└─ commons-fileupload:commons-fileupload:1.3.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
DepShield encountered errors while building your project
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
[DepShield] (CVSS 5.3) Vulnerability due to usage of ognl:ognl:3.0.3
Vulnerabilities
DepShield reports that this application's usage of ognl:ognl:3.0.3 results in the following vulnerability(s):
- (CVSS 5.3) [CVE-2016-3093] Improper Input Validation
Occurrences
ognl:ognl:3.0.3 is a transitive dependency introduced by the following direct dependency(s):
• org.apache.struts:struts2-core:2.3.1
└─ ognl:ognl:3.0.3
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.