MidnightBSD

Advisories for ognl_project

CVE-2016-3093 MEDIUM

Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
apache struts 2.0.8
apache struts 2.0.7
apache struts 2.1.0
apache struts 2.0.11.1
apache struts 2.3.20.1
apache struts 2.1.8
apache struts 2.3.20.3
apache struts 2.2.3
apache struts 2.0.9
apache struts 2.0.3
apache struts 2.3.4.1
apache struts 2.3.15
apache struts 2.3.12
apache struts 2.1.3
apache struts 2.1.8.1
apache struts 2.3.24
apache struts 2.2.1
apache struts 2.3.15.2
apache struts 2.3.15.3
apache struts 2.3.16.2
apache struts 2.3.1.2
apache struts 2.3.14.3
apache struts 2.2.3.1
apache struts 2.3.20
apache struts 2.0.0
apache struts 2.0.10
apache struts 2.3.16.3
apache struts 2.3.4
apache struts 2.0.1
apache struts 2.0.12
apache struts 2.3.16.1
apache struts 2.0.11.2
apache struts 2.1.4
apache struts 2.0.14
apache struts 2.1.1
apache struts 2.3.24.1
apache struts 2.3.8
apache struts 2.0.6
ognl_project ognl *
apache struts 2.0.13
apache struts 2.1.6
apache struts 2.3.14.2
apache struts 2.1.5
apache struts 2.3.1.1
apache struts 2.3.7
apache struts 2.3.14.1
apache struts 2.2.1.1
apache struts 2.3.1
apache struts 2.0.5
apache struts 2.3.14
apache struts 2.0.11
apache struts 2.0.2
apache struts 2.3.16
apache struts 2.3.15.1
apache struts 2.0.4
apache struts 2.1.2