Apache security advisory (AV23-748)

From: Canadian Centre for Cyber Security

Serial number: AV23-748
Date: December 8, 2023

On December 4, 2023, Apache published a security advisory to address a vulnerability in the following products:

  • Apache Struts – versions 2.0.0 to 2.3.37 (EOL)
  • Apache Struts – versions 2.5.0 to 2.5.32
  • Apache Struts – versions 6.0.0 to 6.3.0

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: