CVE-2015-1831
Published: 16 July 2015
The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "compromise internal state of an application" via unspecified vectors.
Notes
Author | Note |
---|---|
sbeattie | affects struts 2 only |
Priority
Status
Package | Release | Status |
---|---|---|
libstruts1.2-java Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
(struts 2 only)
|
trusty |
Does not exist
(trusty was not-affected [struts 2 only])
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
(struts 2 only)
|
|
vivid |
Does not exist
|