
トピトピニュース

Author: GitHub (1143 Posts)

Featured

  • [github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication (Posted by GitHub)
  • [org.keycloak:keycloak-core] Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown (Posted by GitHub)
  • [bitlyshortener] Package discontinued because Bitly lowered the free quota (Posted by GitHub)
  • [baserproject/basercms] baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability (Posted by GitHub)

[org.apache.geode:geode-core] Apache Geode OQL method invocation vulnerability

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022, 11/08/2022

When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a us…

[org.apache.struts:struts2-core] ClassLoader manipulation in Apache Struts

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to “manipulate” the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exis…

[org.apache.struts:struts2-core] ClassLoader manipulation in Apache Struts

  • Posted in MODERATE
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to “manipulate” the ClassLoader via the class parameter, which is passed to the getClass method.
References

https://nvd.nist.gov/vuln/detail/CVE-2014-0094
http://jvn.jp…

[org.apache.struts:struts2-core] Arbitrary code execution in Apache Struts

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.
References

https://nvd.nist.gov/vuln/detail/C…

[org.apache.struts:struts2-core] ClassLoader manipulation in Apache Struts

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to “manipulate” the ClassLoader and execute arbitrary code via a crafte…

[org.apache.struts:struts2-core] ClassLoader manipulation in Apache Struts

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to “manipulate” the ClassLoader and modify session state via a craf…

[org.apache.struts:struts2-core] Arbitrary code execution in Apache Struts 2

  • Posted in CRITICAL
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression.
References

https://nvd.nist.gov/vuln/detail/CVE-2016-4438
https://bugzilla.redhat.com/show_bug.cgi?id=1348238
https:…

[org.apache.struts:struts2-core] Path Traversal in Apache Struts

  • Posted in CRITICAL
  • Posted by GitHub
  • 05/14/2022, 11/04/2022

In Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. This vulnerability is only exploitable when using the Struts 2 C…

[org.apache.santuario:xmlsec] Apache XML Security For Java vulnerable to Infinite Loop

  • Posted in MODERATE
  • Posted by GitHub
  • 05/14/2022, 11/08/2022

Affected versions of xmlsec are subject to a denial of service vulnerability. Should a user check the signature of a message larger than 512 MB, the method expandSize(int newPos) of class org.apache.xml.security.utils.UnsyncByteArrayOutputStream goes i…

[org.csanchez.jenkins.plugins:kubernetes] Exposure of Sensitive Information in Jenkins Kubernetes Plugin

  • Posted in HIGH
  • Posted by GitHub
  • 05/13/2022, 11/04/2022

An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
References

https://nvd.nist.g…
