PT-2025-52511

CVE-2025-14268 - Apache Struts Remote Code Execution CVE ID : CVE-2025-14268 Published : Dec. 17, 2025, 11:15 p.m. | 53 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

Denial Of Service (DoS)

org.apache.struts, struts2-core is vulnerable to Denial of Service DoS. The vulnerability is due to a file leak during multipart request processing, which allows an attacker to repeatedly trigger file creation on disk, leading to disk exhaustion and service disruption...

PT-2025-50605

Apache Struts 2 DoS Flaw CVE-2025-66675 Risks Server Crash via File Leak in Multipart Request Processing https://securityonline.info/apache-struts-2-dos-flaw-cve-2025-66775-risks-server-crash-via-file-leak-in-multipart-request-processing/...

PT-2025-51035

CVE-2025-12731 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-12731 Published : Dec. 10, 2025, 11:15 p.m. | 2 hours, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for...

PT-2025-51123

CVE-2025-67691 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-67691 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

EUVD-2025-202417

Apache Struts has a Denial of Service vulnerability...

com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=6.0.0), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (=6.0.0) +53 more potentially affected by CVE-2025-64775 +1 more via org.apache.struts:struts2-core (>=7.0.0 <=7.0.3)

org.apache.struts:struts2-core MAVEN version =7.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.3 and more Source cves: CVE-2025-64775, CVE-2025-66675 Source advisory: OSV:GHSA-RG58-XHH7-MQJWhttps://vu...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +332 more potentially affected by CVE-2025-64775 +1 more via org.apache.struts:struts2-core (>=2.0.11 <=6.7.4)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.9, =1.2, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2025-64775, CVE-2025-66675 Source advisory: OSV:GHSA-RG58-XHH7-MQ...

Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

GHSA-RG58-XHH7-MQJW Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675

The CVE-2025-66675 issue is an Apache Struts Denial of Service vulnerability caused by a file leak during multipart request processing, which can lead to disk exhaustion. Affected versions are Struts 2.0.0–6.7.4 and 7.0.0–7.0.3. The documented remediation is to upgrade to Struts 6.8.0 or 7.1.1, w...

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

PT-2025-50914

CVE-2025-67503 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-67503 Published : Dec. 10, 2025, 12:16 a.m. | 47 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affect...

PT-2025-50317

Name of the Vulnerable Software and Affected Versions Apache Struts versions 2.0.0 through 6.7.4 Apache Struts versions 7.0.0 through 7.0.3 Description A denial of service issue exists in Apache Struts due to a file leak during multipart request processing, which can lead to disk exhaustion...

Apache Struts 安全漏洞

Apache Struts is an open source project of the Apache USA Foundation, a set of open source MVC frameworks for creating enterprise Java web applications, offering two main versions of the framework product, Struts 1 and Struts 2. A security vulnerability exists in Apache Struts versions 2.0.0...

Denial Of Service (DoS)

Apache Struts is vulnerable to Denial Of Service DoS. The vulnerability is due to a file leak in multipart request processing, where temporary files are not properly cleaned up, allowing attackers to trigger uncontrolled disk usage and exhaust server storage...