CVE-2013-4316 High Severity Vulnerability detected by WhiteSource #48
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2013-4316 - High Severity Vulnerability
struts2-core-2.0.8.jar
null
path: /java_security_book/Struts2/s2_002/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.8.jar,/java_security_book/Struts2/s2_001/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.8.jar,2/repository/org/apache/struts/struts2-core/2.0.8/struts2-core-2.0.8.jar
Dependency Hierarchy:
struts2-core-2.0.11.jar
null
path: /java_security_book/Struts2/s2_005/target/struts2-archetype-starter/WEB-INF/lib/struts2-core-2.0.11.jar
Dependency Hierarchy:
Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.
Publish Date: 2013-09-30
URL: CVE-2013-4316
Base Score Metrics not available
Type: Upgrade version
Origin: http://struts.apache.org/release/2.3.x/docs/s2-019.html
Release Date: 2017-12-31
Fix Resolution: Developers should immediately upgrade to Struts 2.3.15.2
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: