Skip to content

Comments

[Snyk] Upgrade org.apache.struts:struts2-core from 2.3.37 to 2.5.33#373

Open
tt9133github wants to merge 1 commit intomasterfrom
snyk-upgrade-f7829da218129425390d9b1deb9b11b9
Open

[Snyk] Upgrade org.apache.struts:struts2-core from 2.3.37 to 2.5.33#373
tt9133github wants to merge 1 commit intomasterfrom
snyk-upgrade-f7829da218129425390d9b1deb9b11b9

Conversation

@tt9133github
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade org.apache.struts:struts2-core from 2.3.37 to 2.5.33.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 31 versions ahead of your current version.

  • The recommended version was released 2 years ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Remote Code Execution (RCE)
SNYK-JAVA-ORGAPACHESTRUTS-2635340
726 Proof of Concept
high severity Allocation of Resources Without Limits or Throttling
SNYK-JAVA-ORGAPACHESTRUTS-5707102
726 No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-ORGAPACHESTRUTS-608098
726 Proof of Concept
medium severity Allocation of Resources Without Limits or Throttling
SNYK-JAVA-ORGAPACHESTRUTS-5707101
726 No Known Exploit
critical severity Remote Code Execution (RCE)
SNYK-JAVA-ORGAPACHESTRUTS-608097
726 Mature
high severity Unrestricted Upload of File with Dangerous Type
SNYK-JAVA-ORGAPACHESTRUTS-609765
726 Proof of Concept
medium severity Denial of Service (DoS)
SNYK-JAVA-ORGAPACHESTRUTS-6100744
726 No Known Exploit
critical severity Remote Code Execution (RCE)
SNYK-JAVA-ORGAPACHESTRUTS-6102825
726 Mature
critical severity Remote Code Execution (RCE)
SNYK-JAVA-ORGAPACHESTRUTS-1049003
726 Mature

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade org.apache.struts:struts2-core from 2.3.37 to 2.5.33.

See this package in maven:
org.apache.struts:struts2-core

See this project in Snyk:
https://app.snyk.io/org/t438879/project/b9087c8e-af8e-4d47-8d8a-b4e3eb386a17?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants