VertiGIS uses this page to provide centralized information about following vulnerabilities in Apache Struts and its impact on VertiGIS product families.
- CVE-2023-34149: Apache Struts: DoS via OOM owing to not properly checking of list bounds
- CVE-2023-34396: Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms
- CVE-2023-50164: Apache Struts: File upload component had a directory traversal vulnerability
This article will be updated as new information becomes available.
Product families affected
- UT for ArcGIS: see article
Product families not affected
- 3A / LM
- ConnectMaster
- EDP Future
- EDP Mobile
- EDP Vision
- GeoOffice
- M4 Solutions
- Pinpoint
- VertiGIS FM
- VertiGIS Networks
- VertiGIS Studio
- WebOffice
Comments
0 comments
Please sign in to leave a comment.