Candidate: CVE-2015-1831
PublicDate: 2015-07-16 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1831
 https://struts.apache.org/docs/s2-024.html
Description:
 The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow
 remote attackers to "compromise internal state of an application" via
 unspecified vectors.
Ubuntu-Description:
Notes:
 sbeattie> affects struts 2 only
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libstruts1.2-java:
upstream_libstruts1.2-java: needs-triage
precise_libstruts1.2-java: not-affected (struts 2 only)
trusty_libstruts1.2-java: not-affected (struts 2 only)
trusty/esm_libstruts1.2-java: DNE (trusty was not-affected [struts 2 only])
utopic_libstruts1.2-java: not-affected (struts 2 only)
vivid_libstruts1.2-java: DNE
devel_libstruts1.2-java: DNE