search

fasten-project / vulnerability-producer

Gathers, enriches and publishes vulnerability information to a Kafka topic.
https://www.fasten-project.eu/
Apache License 2.0
6 stars 3 forks source link

Found vulnerabilities changed for `org.apache.struts:struts2-core:2.0.5` #98

Open cg122 opened 3 years ago

cg122 commented 3 years ago

In a previous checking from endpoints, this package has 32 vulnerabilities found.

In a latest checking, this package has 30 vulnerabilities found.

Latest found vulnerabilities:

"external_id": "CVE-2008-6505",
"external_id": "CVE-2011-1772",
"external_id": "CVE-2012-0391",
"external_id": "CVE-2012-0392",
"external_id": "CVE-2012-0838",
"external_id": "CVE-2012-4386",
"external_id": "CVE-2012-4387",
"external_id": "CVE-2013-1965",
"external_id": "CVE-2013-1966",
"external_id": "CVE-2013-2115",
"external_id": "CVE-2013-2134",
"external_id": "CVE-2013-2135",
"external_id": "CVE-2013-4310",
"external_id": "CVE-2013-4316",
"external_id": "CVE-2014-0094",
"external_id": "CVE-2014-0112",
"external_id": "CVE-2014-0113",
"external_id": "CVE-2014-0116",
"external_id": "CVE-2014-7809",
"external_id": "CVE-2015-1831",
"external_id": "CVE-2015-5169",
"external_id": "CVE-2015-5209",
"external_id": "CVE-2016-0785",
"external_id": "CVE-2016-3081",
"external_id": "CVE-2016-3082",
"external_id": "CVE-2016-4003",
"external_id": "CVE-2016-4436",
"external_id": "CVE-2017-12611",
"external_id": "CVE-2017-9787",
"external_id": "CVE-2018-11776"
cg122 commented 3 years ago

A recent run at Wed, 1 Dec 2021 09:29 shows change again, now 29 vulnerabilities. The missing one CVE-2011-1772 should not be mapped according to NVD description.

Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, ...

"external_id": "CVE-2008-6505", "external_id": "CVE-2011-1772", "external_id": "CVE-2012-0391", "external_id": "CVE-2012-0392", "external_id": "CVE-2012-0838", "external_id": "CVE-2012-4386", "external_id": "CVE-2012-4387", "external_id": "CVE-2013-1965", "external_id": "CVE-2013-1966", "external_id": "CVE-2013-2115", "external_id": "CVE-2013-2134", "external_id": "CVE-2013-2135", "external_id": "CVE-2013-4310", "external_id": "CVE-2013-4316", "external_id": "CVE-2014-0094", "external_id": "CVE-2014-0112", "external_id": "CVE-2014-0113", "external_id": "CVE-2014-0116", "external_id": "CVE-2014-7809", "external_id": "CVE-2015-1831", "external_id": "CVE-2015-5169", "external_id": "CVE-2015-5209", "external_id": "CVE-2016-0785", "external_id": "CVE-2016-3081", "external_id": "CVE-2016-3082", "external_id": "CVE-2016-4003", "external_id": "CVE-2016-4436", "external_id": "CVE-2017-12611", "external_id": "CVE-2017-9787", "external_id": "CVE-2018-11776",