SUSE-SU-2015:0886-1

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0886-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2015:0886-1

Related

CVE-2014-0114
CVE-2015-0899

Published

2014-06-20T20:43:07Z

Modified

2014-06-20T20:43:07Z

Summary

Security update for struts

Details

Apache Struts was updated to fix a security issue:

* CVE-2014-0114: The ActionForm object in Apache Struts 1.x through
  1.3.10 allows remote attackers to 'manipulate' the ClassLoader and
  execute arbitrary code via the class parameter, which is passed to
  the getClass method.

Security Issue reference:

* CVE-2014-0114
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114>

References

Affected packages