mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-28 09:12:00 +00:00
137 lines
5.3 KiB
JSON
137 lines
5.3 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "vultures@jpcert.or.jp",
|
|
"ID": "CVE-2016-1182",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "JVNDB-2016-000097",
|
|
"refsource": "JVNDB",
|
|
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000097"
|
|
},
|
|
{
|
|
"name": "JVN#65044642",
|
|
"refsource": "JVN",
|
|
"url": "http://jvn.jp/en/jp/JVN65044642/index.html"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
|
|
},
|
|
{
|
|
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
|
|
},
|
|
{
|
|
"name": "https://security.netapp.com/advisory/ntap-20180629-0006/",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://security.netapp.com/advisory/ntap-20180629-0006/"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
|
|
},
|
|
{
|
|
"name": "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
|
|
},
|
|
{
|
|
"name": "1036056",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://www.securitytracker.com/id/1036056"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343540",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343540"
|
|
},
|
|
{
|
|
"name": "91067",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/91067"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
|
|
},
|
|
{
|
|
"name": "91787",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/91787"
|
|
},
|
|
{
|
|
"name": "https://security-tracker.debian.org/tracker/CVE-2016-1182",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://security-tracker.debian.org/tracker/CVE-2016-1182"
|
|
}
|
|
]
|
|
}
|
|
} |