Warning: Patch available for critical RCE vulnerability In Apache Struts
Sources
https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj
Risks
Description
Recommended Actions
To address this vulnerability, Apache recommends users to urgently upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater.
Version Notes to find more details about performed bug fixes and improvements are available at:
https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.33
https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.2
References
https://nvd.nist.gov/vuln/detail/CVE-2023-50164
https://cwiki.apache.org/confluence/display/WW/S2-066
https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.3.0.
https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.33
https://www.tenable.com/cve/CVE-2023-50164
https://www.securityweek.com/apache-patches-critical-rce-vulnerability-i...