Security News > 2018 > August > Apache Struts Issues Emergency Patch to Fix Critical Flaw

2018-08-23 12:18
Some Security Experts Recommend Replacing Struts Altogether, Due to Breach RiskApache has released an emergency fix for its Struts web application framework to patch a flaw that attackers can exploit to take full control of the application. Some incident response efforts, based on the severity of breaches they've investigated, recommend dropping Struts altogether.
News URL
https://www.inforisktoday.com/apache-struts-issues-emergency-patch-to-fix-critical-flaw-a-11412
Related news
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)