Security News

A patchy Apache a-patchin: HTTP server gets fix for worrying root access hole
2019-04-03 19:52

Rogue 'worker' processes can sneak in with elevated privileges at startup Apache HTTP Server has been given a patch to address a potentially serious elevation of privilege vulnerability.…

Patched Apache flaw is a serious threat for web hosting providers
2019-04-03 11:04

Organizations running Apache web servers are urged to implement the latest security update to fix a serious privilege escalation flaw (CVE-2019-0211) that can be triggered via scripts and could...

New Apache Web Server Bug Threatens Security of Shared Web Hosts
2019-04-02 17:48

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP...

LibreOffice patches malicious code-execution bug, Apache OpenOffice... wait for it, wait for it... doesn't
2019-02-04 20:07

Remote scripting flaw in open-source productivity suites is at least partly fixed A security flaw affecting LibreOffice and Apache OpenOffice has been fixed in one of the two open-source office...

Apache Hadoop spins cracking code injection vulnerability YARN
2018-11-23 11:00

Loose .zips sink chips 2: Electric Boogaloo The "Zip Slip" vulnerability that first emerged in June has claimed another victim – the Apache Hadoop YARN NodeManager daemon.…

Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP
2018-11-07 01:49

Advisory issued over yet another critical security vulnerability The Apache Foundation is urging developers to update their Struts 2 installations and projects using the code – after a critical...

Apache Struts Users Told to Update Vulnerable Component
2018-11-06 14:21

Apache Struts developers are urging users to update a file upload library due to the existence of two vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS)...

Apache Struts Warns Users of Two-Year-Old Vulnerability
2018-11-06 13:27

Users must update their vulnerable libraries manually.

Apache Struts 2.3.x vulnerable to two year old RCE flaw
2018-11-06 11:28

The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited for remote code...

What You Need to Know about the Recent Apache Struts Vulnerability
2018-11-05 09:55

Researchers recently revealed a vulnerability in Apache Struts, a popular type of enterprise software. Active exploit attempts weren’t far behind.