HIGH 8.1 | CVE-2017-9805 | ⚠ KEV | REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
>= 2.1.1, < 2.3.34
CRITICAL 9.8 | CVE-2016-4438 | Arbitrary code execution in Apache Struts 2
>= 2.3.19, < 2.3.29
HIGH 7.5 | The REST Plugin in Apache Struts is using an outdated XStream library
from 0, < 2.3.34
HIGH 7.5 | Apache Struts REST Plugin can potentially allow a DoS attack
>= 2.1.1, < 2.5.16
MEDIUM 6.2 | Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin