CVE-2006-1546, CVE-2006-1547, CVE-2005-3745 - any impact? #54
Closed
david-a-campbell-aus
started this conversation in
General
Replies: 1 comment
-
|
Hi David, I documented "only" fixed vulnerabilities since version 1.3.10. For your question I found following infos: Fixed with 1.2.9: Fixed with 1.2.8:
I hope it helps. Greetings |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
https://github.com/weblegacy/struts1 documents fixed vulnerabilities but these CVEs below aren't on the list and they flag up for me using Sonatype IQ Server scanning software, against Struts 1, probably because of the detail as described further below here.
CVE-2006-1546
CVE-2006-1547
CVE-2005-3745
Are the above known to have any impact on struts 1.x?
https://nvd.nist.gov/vuln/detail/CVE-2006-1546 says "Up to (including) 1.2.8"
https://nvd.nist.gov/vuln/detail/CVE-2006-1547 says "Up to (excluding) 1.2.9"
https://nvd.nist.gov/vuln/detail/cve-2005-3745 says "Apache Struts 1.2.7, and possibly other versions"
Beta Was this translation helpful? Give feedback.
All reactions