com.amazonaws.serverless:aws-serverless-java-container-struts2 (>=1.2 <=1.8.2), com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.2.0-RELEASE) +164 more potentially affected by CVE-2025-68493 via org.apache.struts:struts2-core (>=2.5.1 <=2.5.33)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.2, =1.0.3-RELEASE, =1.1.9, =0.0.1, =6.0.0, =2.5.1, =2.5.1, =4.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =4.0.3 - com.jgeppert.struts2.jquery:struts2-jquery-datatables-plugin =4.0.3 -...

com.amazonaws.serverless:aws-serverless-java-container-struts2 (>=1.2 <=1.8.2), com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.2.0-RELEASE) +164 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=2.5.1 <=2.5.33)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.2, =1.0.3-RELEASE, =1.1.9, =0.0.1, =6.0.0, =2.5.1, =2.5.1, =4.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =4.0.3 - com.jgeppert.struts2.jquery:struts2-jquery-datatables-plugin =4.0.3 -...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +229 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.37)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.2.3 and more Source cves: CVE-2025-64775 Source advisory: OSV:GHSA-XX7V-HQXH-CJR9...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=4.0.2 <=5.0.6) +77 more potentially affected by CVE-2025-64775 via org.apache.struts:struts2-core (>=6.0.0 <=6.7.4)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =4.0.2, =4.0.2, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2025-64775 Source advisory: OSV:GHSA-XX7V...

The vulnerability of the struts2-core library in the Apache Struts software platform allows attackers to induce a service failure.

The vulnerability of the struts2-core library of the Apache Struts software platform is related to errors during permission storage. Exploiting this vulnerability can allow an attacker to cause service failures using specially crafted files...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.3), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=5.0.0 <=5.0.2) +52 more potentially affected by CVE-2023-50164 via org.apache.struts:struts2-core (>=6.0.0 <=6.3.0.1)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2023-50164 Source advisory: OSV:GHSA-2J...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +300 more potentially affected by CVE-2023-41835 via org.apache.struts:struts2-core (>=2.0.5 <=2.5.31)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.2, =1.0, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2023-41835 Source advisory: OSV:GHSA-729Q-FCGP-R5XH...

com.amazonaws.serverless:aws-serverless-java-container-struts (>=1.9 <=1.9.3), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=5.0.0 <=5.0.2) +52 more potentially affected by CVE-2023-34149 via org.apache.struts:struts2-core (>=6.0.0 <=6.1.2)

org.apache.struts:struts2-core MAVEN version =6.0.0, =1.9, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.3 and more Source cves: CVE-2023-34149 Source advisory: OSV:GHSA-8F6X...

Security Bulletin: CVE-2020-17530 may affect Apache struts2-core used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Summary Vulnerability found in Apache struts2-core-2.5.22 used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections Vulnerability Details CVEID: CVE-2020-17530 DESCRIPTION: Apache Struts could allo...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +298 more potentially affected by CVE-2019-0233 via org.apache.struts:struts2-core (>=2.0.11 <=2.5.20)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.2, =1.0, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2019-0233 Source advisory: OSV:GHSA-CCP5-GG58-PXFM...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +207 more potentially affected by CVE-2015-2992 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.1.2)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =0.5.9, =1.2.0, =1.0.0, =2.0, =1.0.3, =1.2.2, =1.4.0 and more Source cves: CVE-2015-2992 Source advisory: OSV:GHSA-265R-PP83-GWW7...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +177 more potentially affected by CVE-2013-6348 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.15.3)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.0, =1.0.0, =1.0.3, =1.2.2, =1.4.1, =0.6, =0.7 and more Source cves: CVE-2013-6348 Source advisory: OSV:GHSA-3G8J-JJ54-3VJG...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +172 more potentially affected by CVE-2013-4310 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.15.2)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 and more Source cves: CVE-2013-4310 Source advisory: OSV:GHSA-Q5Q8-JGHF-3PM3...

com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (>=2.0.2 <=2.0.4), com.jgeppert.struts2.bootstrap:struts2-bootstrap-showcase (>=2.0.2 <=2.0.4) +42 more potentially affected by CVE-2016-3082 via org.apache.struts:struts2-core (>=2.3.24 <=2.3.24.1)

org.apache.struts:struts2-core MAVEN version =2.3.24, =2.0.2, =2.0.2, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24, =2.3.24.1 and more Source cves: CVE-2016-3082 Source advisory: OSV:GHSA-PVM9-288C-V5WQ...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +213 more potentially affected by CVE-2016-3082 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.20.1)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-3082 Source advisory: OSV:GHSA-PVM9-288C-V5WQ...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +216 more potentially affected by CVE-2016-3093 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.24.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-3093 Source advisory: OSV:GHSA-383P-XQXX-RRMP...

org.apache.struts:struts2-apps (=2.3.28), org.apache.struts:struts2-assembly (=2.3.28) +39 more potentially affected by CVE-2016-3082 via org.apache.struts:struts2-core (=2.3.28)

org.apache.struts:struts2-core MAVEN version =2.3.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.struts:struts2-core and may be impacted: - org.apache.struts:struts2-apps =2.3.28 - org.apache.struts:struts2-assembly =2.3.28 -...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +171 more potentially affected by CVE-2013-4316 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.15.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 - com.google.inject.extensions:guice-struts2-plugin =2.0 and more Source cves: CVE-2013-4316 Source advisory: OSV:GHSA-J7H6-XR7G-M2C5...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +133 more potentially affected by CVE-2013-2248 via org.apache.struts:struts2-core (>=2.0.5 <=2.3.15)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 - com.google.inject.extensions:guice-struts2-plugin =2.0 - com.google.inject.integration:guice-struts2-plugin =1.0 - com.googlecode.rapid-framework:rapid-core =4.0 and more Source cves:...

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +223 more potentially affected by CVE-2016-4436 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.28.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-4436 Source advisory: OSV:GHSA-XM92-V2MQ-842Q...