CVE-2013-2134 High Severity Vulnerability detected by WhiteSource #43
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2013-2134 - High Severity Vulnerability
struts2-core-2.0.8.jar
null
path: /java_security_book/Struts2/s2_002/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.8.jar,/java_security_book/Struts2/s2_001/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.8.jar,2/repository/org/apache/struts/struts2-core/2.0.8/struts2-core-2.0.8.jar
Dependency Hierarchy:
struts2-core-2.0.11.jar
null
path: /java_security_book/Struts2/s2_005/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.11.jar
Dependency Hierarchy:
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
Publish Date: 2013-07-16
URL: CVE-2013-2134
Base Score Metrics not available
Type: Upgrade version
Origin: http://security.gentoo.org/glsa/glsa-201409-04.xml
Release Date: 2014-09-04
Fix Resolution: All MySQL users should upgrade to the latest version >= mysql-5.5.39
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: