The Latest in IT Security

Apache Struts 2.3.16.2 Released to Properly Fix Zero-Day Vulnerability

28
Apr
2014

Last week, The Apache Software Foundation released version 2.3.16.2 of Apache Struts, the open-source framework for creating Java web applications, to address a zero-day vulnerability. The issue should have been patched since early March.

In March, the Apache Struts group announced Struts 2.3.16.1, which fixed a couple of security issues: ClassLoader manipulation via request parameters, and an update to the Commons FileUpload library to prevent denial-of-service (DOS) attacks.

It turns out …

Comments are closed.

Categories

FRIDAY, JULY 20, 2018

Featured

Archives

Latest Comments

Social Networks