struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lukasz Lenart <lukaszlen...@apache.org>
Subject Re: CVE-2019-0233 is Struts v1 vulnerable?
Date Fri, 21 Aug 2020 09:57:15 GMT
pt., 21 sie 2020 o 11:30 Rayne Anderson <raynea@us.ibm.com> napisał(a):
>
> I know that Apache Struts File upload CVE-2019-0233 applies to Struts v2.
> Does the CVE apply to Struts v1.3.8?

I would say no as these are totally different frameworks but we didn't
test Struts 1.3.8 against this vulnerability as Struts 1 has reached
End-of-Life a few years ago.


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message