Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP

Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP

6 years ago
Anonymous $L9wC17otzH

https://www.theregister.co.uk/2018/11/07/flaw_in_apache_struts/

The Apache Foundation is urging developers to update their Struts 2 installations and projects using the code – after a critical security flaw was found in a key component of the framework.

A warning this week from Apache reveals that devs should make sure their websites and other applications are running Struts versions 2.5.12, or later, to protect from exploits of CVE-2016-1000031. The vulnerability, a deserialization error that would allow unsanitized code in a Java Object to run unchecked, was found in the commons-fileupload library.

Last Seen
36 minutes ago
Reputation
0
Spam
0.000
Last Seen
9 minutes ago
Reputation
0
Spam
0.000
Last Seen
34 minutes ago
Reputation
0
Spam
0.000
Last Seen
2 hours ago
Reputation
0
Spam
0.000
Last Seen
58 minutes ago
Reputation
0
Spam
0.000
Last Seen
22 minutes ago
Reputation
0
Spam
0.000