MGASA-2015-0351

Source
https://advisories.mageia.org/MGASA-2015-0351.html
Import Source
https://advisories.mageia.org/MGASA-2015-0351.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2015-0351
Upstream
  • CVE-2015-0899
Published
2015-09-08T17:55:59Z
Modified
2026-04-16T06:23:40.263157946Z
Summary
Updated struts packages fix CVE-2015-0899
Details

Updated struts packages fix security vulnerability:

The Validator in Apache Struts 1.1 and later contains a function to efficiently define rules for input validation across multiple pages during screen transitions. This function contains a vulnerability where input validation may be bypassed. When the Apache Struts 1 Validator is used, the web application may be vulnerable even when this function is not used explicitly (CVE-2015-0899).

References
Credits

Affected packages

Mageia:4 / struts

Package

Name
struts
Purl
pkg:rpm/mageia/struts?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.10-4.2.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2015-0351.json"

Mageia:5 / struts

Package

Name
struts
Purl
pkg:rpm/mageia/struts?arch=source&distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.10-8.1.mga5

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2015-0351.json"