CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

Date published : 2017-12-01

http://www.securityfocus.com/bid/102021

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html