Vulnerabilities > Apache > Struts > 2.5.33

DATE CVE VULNERABILITY TITLE RISK
2020-12-16 CVE-2020-26259 OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
high complexity
apache xstream debian fedoraproject CWE-78
6.8
6.8
2020-12-16 CVE-2020-26258 Server-Side Request Forgery (SSRF) vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
apache xstream debian fedoraproject CWE-918
7.7
7.7