Struts

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-68493 HIGH PATCH This Week

Struts versions up to 2.2.1 is affected by improper restriction of xml external entity reference (CVSS 8.1).

Apache Struts Redhat
NVD HeroDevs VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-64775 HIGH POC PATCH This Week

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.

Denial Of Service Apache Ubuntu Debian Struts +1
NVD GitHub HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-68493
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Struts versions up to 2.2.1 is affected by improper restriction of xml external entity reference (CVSS 8.1).

Apache Struts Redhat
NVD HeroDevs VulDB
CVE-2025-64775
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.

Denial Of Service Apache Ubuntu +3
NVD GitHub HeroDevs VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy