Security News

Rogue 'worker' processes can sneak in with elevated privileges at startup Apache HTTP Server has been given a patch to address a potentially serious elevation of privilege vulnerability.…

Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via scripts and could...

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP...

Remote scripting flaw in open-source productivity suites is at least partly fixed A security flaw affecting LibreOffice and Apache OpenOffice has been fixed in one of the two open-source office...

Loose .zips sink chips 2: Electric Boogaloo The "Zip Slip" vulnerability that first emerged in June has claimed another victim – the Apache Hadoop YARN NodeManager daemon.…

Advisory issued over yet another critical security vulnerability The Apache Foundation is urging developers to update their Struts 2 installations and projects using the code – after a critical...

Apache Struts developers are urging users to update a file upload library due to the existence of two vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS)...

Users must update their vulnerable libraries manually.

The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited for remote code...

Researchers recently revealed a vulnerability in Apache Struts, a popular type of enterprise software. Active exploit attempts weren’t far behind.