Description
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Remediation
References
https://cwiki.apache.org/confluence/display/ww/s2-060
https://launchpad.support.sap.com/#/notes/2982840
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
Related Vulnerabilities
CVE-2023-34613 Vulnerability in maven package net.sf.sojo:sojo
CVE-2017-15683 Vulnerability in maven package org.craftercms:crafter-studio
CVE-2016-6813 Vulnerability in maven package org.apache.cloudstack:cloudstack
CVE-2021-33502 Vulnerability in npm package normalize-url
CVE-2016-0781 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-server