Skip to main content

Struts

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-68493 Maven HIGH PATCH This Week

Struts versions up to 2.2.1 is affected by improper restriction of xml external entity reference (CVSS 8.1).

Apache Red Hat Struts
NVD HeroDevs VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-64775 Maven HIGH POC PATCH This Week

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.

Denial Of Service Apache Debian Ubuntu Red Hat +1
NVD GitHub HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-68493 Maven
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Struts versions up to 2.2.1 is affected by improper restriction of xml external entity reference (CVSS 8.1).

Apache Red Hat Struts
NVD HeroDevs VulDB
CVE-2025-64775 Maven
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.

Denial Of Service Apache Debian +3
NVD GitHub HeroDevs VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy