An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS03MjlxLWZjZ3AtcjV4aM4AA3kR

High EPSS: 0.00197% (0.42188 Percentile) EPSS:

Apache Struts Improper Control of Dynamically-Managed Code Resources vulnerability

Affected Packages Affected Versions Fixed Versions
maven:org.apache.struts:struts2-core < 2.5.32, >= 6.0.0, < 6.1.2.2, >= 6.2.0, < 6.3.0.1 2.5.32, 6.1.2.2, 6.3.0.1
194 Dependent packages
6,183 Dependent repositories

Affected Version Ranges

All affected versions

2.0.5, 2.0.6, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.0.14, 2.1.2, 2.1.6, 2.1.8, 2.2.1, 2.2.3, 2.3.1, 2.3.3, 2.3.4, 2.3.7, 2.3.8, 2.3.12, 2.3.14, 2.3.15, 2.3.16, 2.3.20, 2.3.24, 2.3.28, 2.3.29, 2.3.30, 2.3.31, 2.3.32, 2.3.33, 2.3.34, 2.3.35, 2.3.36, 2.3.37, 2.5.1, 2.5.2, 2.5.5, 2.5.8, 2.5.10, 2.5.12, 2.5.13, 2.5.14, 2.5.16, 2.5.17, 2.5.18, 2.5.20, 2.5.22, 2.5.25, 2.5.26, 2.5.27, 2.5.28, 2.5.29, 2.5.30, 2.5.31, 6.0.0, 6.0.3, 6.1.1, 6.1.2, 6.2.0, 6.3.0, 6.4.0, 6.6.0, 6.6.1, 6.7.0, 6.7.4, 7.0.0, 7.0.3

All unaffected versions

2.5.32, 2.5.33