PT-2025-50317

Name of the Vulnerable Software and Affected Versions Apache Struts versions 2.0.0 through 6.7.4 Apache Struts versions 7.0.0 through 7.0.3 Description A denial of service issue exists in Apache Struts due to a file leak during multipart request processing, which can lead to disk exhaustion...

Apache Struts 安全漏洞

Apache Struts is an open source project of the Apache USA Foundation, a set of open source MVC frameworks for creating enterprise Java web applications, offering two main versions of the framework product, Struts 1 and Struts 2. A security vulnerability exists in Apache Struts versions 2.0.0...

PT-2025-50914

CVE-2025-67503 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-67503 Published : Dec. 10, 2025, 12:16 a.m. | 47 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affect...

Denial Of Service (DoS)

Apache Struts is vulnerable to Denial Of Service DoS. The vulnerability is due to a file leak in multipart request processing, where temporary files are not properly cleaned up, allowing attackers to trigger uncontrolled disk usage and exhaust server storage...

Linux Distros Unpatched Vulnerability : CVE-2025-64775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0...

Apache Struts DoS Vulnerability (S2-068)

Apache Struts is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:struts";...

Apache Struts is Vulnerable to DoS via File Leak

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

EUVD-2025-200019

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

GHSA-XX7V-HQXH-CJR9 Apache Struts is Vulnerable to DoS via File Leak

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVE-2025-64775

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

CVE-2025-64775

CVE-2025-64775 affects Apache Struts 2.x (2.0.0–6.7.0) and 7.0.0–7.0.3. The issue is a denial of service caused by a file leak in multipart request processing that can exhaust disk space. The available public details describe the impact as DoS and do not indicate exploitation specifics beyond the...

CVE-2025-64775 Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue...

Apache Struts 安全漏洞

Apache Struts is an open source project of the Apache USA Foundation, a set of open source MVC frameworks for creating enterprise Java web applications, offering two main versions of the framework product, Struts 1 and Struts 2. A security vulnerability exists in Apache Struts versions 2.0.0...

PT-2025-48328

CVE-2025-66232 - Apache Struts Cross-Site Request Forgery CVE ID : CVE-2025-66232 Published : Nov. 26, 2025, 4:15 a.m. | 2 hours, 49 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-47892

CVE-2025-12541 - "Apache Struts Remote Code Execution Vulnerability" CVE ID : CVE-2025-12541 Published : Nov. 22, 2025, 11:15 p.m. | 3 hours, 26 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link...

PT-2025-47117

CVE-2025-65072 - Apache Struts Deserialization Vulnerability CVE ID : CVE-2025-65072 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-47100

CVE-2025-65068 - Apache Struts Command Injection CVE ID : CVE-2025-65068 Published : Nov. 15, 2025, 4:15 a.m. | 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-47032

CVE-2025-12703 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2025-12703 Published : Nov. 12, 2025, 11:15 p.m. | 3 hours, 44 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link fo...

PT-2025-48488

Name of the Vulnerable Software and Affected Versions Apache Struts versions 2.0.0 through 6.7.0 Apache Struts versions 7.0.0 through 7.0.3 Description A denial of service issue exists in Apache Struts due to incomplete cleanup of temporary or auxiliary resources during the processing of multipar...

PT-2025-45571

Name of the Vulnerable Software and Affected Versions ClipBucket versions 5.5.2 through 5.5.2-156 Description An authenticated regular user can create a photo collection with a collection name containing HTML/JavaScript payloads. This makes the Manage Photos feature susceptible to Stored Cross-Si...