PT-2025-53399

CVE-2024-10398 - Apache Struts Deserialization RCE CVE ID : CVE-2024-10398 Published : Dec. 23, 2025, 4:16 p.m. | 2 hours, 43 minutes ago Description : Rejected reason: This CVE id was assigned but later discarded. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

PT-2025-52879

CVE-2025-68655 - Apache Apache Struts Remote Code Execution CVE ID : CVE-2025-68655 Published : Dec. 23, 2025, 4:15 a.m. | 2 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-52648

CVE-2025-14597 - Apache Struts SSRF CVE ID : CVE-2025-14597 Published : Dec. 20, 2025, 11:15 p.m. | 3 hours, 20 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS...

Apache Struts 2.0.0 < 2.3.18 multiple vulnerabilities - Remote command execution and arbitrary file overwrite, Strict DMI does not work correctly(S2-008)

The version of Apache Struts installed on the remote host is prior to 2.3.18. It is, therefore, affected by multiple vulnerabilities as referenced in the S2-008 advisory. - The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during...

PT-2025-52647

CVE-2025-12700 - Apache Struts Remote Code Execution CVE ID : CVE-2025-12700 Published : Dec. 20, 2025, 11:15 p.m. | 3 hours, 20 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details...

PT-2026-1915

Name of the Vulnerable Software and Affected Versions Apache Struts versions 2.0.0 through 6.1.0 Description The issue is a missing XML validation check in Apache Struts, allowing for XML External Entity XXE attacks. This flaw resides in the XWork component and can be exploited by attackers to re...

PT-2025-52511

CVE-2025-14268 - Apache Struts Remote Code Execution CVE ID : CVE-2025-14268 Published : Dec. 17, 2025, 11:15 p.m. | 53 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

Denial Of Service (DoS)

org.apache.struts, struts2-core is vulnerable to Denial of Service DoS. The vulnerability is due to a file leak during multipart request processing, which allows an attacker to repeatedly trigger file creation on disk, leading to disk exhaustion and service disruption...

PT-2025-51035

CVE-2025-12731 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-12731 Published : Dec. 10, 2025, 11:15 p.m. | 2 hours, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for...

PT-2025-51123

CVE-2025-67691 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-67691 Published : Dec. 11, 2025, 4:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-50605

Apache Struts 2 DoS Flaw CVE-2025-66675 Risks Server Crash via File Leak in Multipart Request Processing https://securityonline.info/apache-struts-2-dos-flaw-cve-2025-66775-risks-server-crash-via-file-leak-in-multipart-request-processing/...

EUVD-2025-202417

Apache Struts has a Denial of Service vulnerability...

GHSA-RG58-XHH7-MQJW Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

Apache Struts has a Denial of Service vulnerability

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...

CVE-2025-66675

The CVE-2025-66675 issue is an Apache Struts Denial of Service vulnerability caused by a file leak during multipart request processing, which can lead to disk exhaustion. Affected versions are Struts 2.0.0–6.7.4 and 7.0.0–7.0.3. The documented remediation is to upgrade to Struts 6.8.0 or 7.1.1, w...

CVE-2025-66675 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related...