Vulnerability Database
296,746
Total vulnerabilities in the database
CVE-2013-2134
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
| Software | From | Fixed in |
|---|---|---|
| apache / struts | 2.0.0 | 2.3.14.3 |
org.apache.struts / struts2-core
|
- | 2.3.14.3 |
- http://security.gentoo.org/glsa/glsa-201409-04.xml
- http://struts.apache.org/development/2.x/docs/s2-015.html
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/60346
- http://www.securityfocus.com/bid/64758
- https://cwiki.apache.org/confluence/display/WW/S2-015
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime