Apache Software Foundation / Apache Struts

40 vulnerabilities across affected versions.

CVE-2017-5638CRITICAL9.82.3.x before 2.3.32 – 2.3.x before 2.3.32

CVE-2017-5638CRITICAL9.82.5.x before 2.5.10.1 – 2.5.x before 2.5.10.1

CVE-2017-9791CRITICAL9.82.1.x series – 2.1.x series

CVE-2017-9791CRITICAL9.82.3.x series – 2.3.x series

CVE-2020-17530CRITICAL9.8Struts 2.0.0 - Struts 2.5.25 – Struts 2.0.0 - Struts 2.5.25

CVE-2025-66675HIGH8.22.0.0 – 6.7.*

CVE-2025-66675HIGH8.27.0.0 – 7.0.*

CVE-2017-9805HIGH8.1Apache Struts before 2.3.34 and 2.5.x before 2.5.13 – Apache Struts before 2.3.34 and 2.5.x before 2.5.13

CVE-2018-11776HIGH8.12.5 to 2.5.16 – 2.5 to 2.5.16

CVE-2018-11776HIGH8.12.3 to 2.3.34 – 2.3 to 2.3.34

CVE-2025-68493HIGH8.12.2.1 – 6.1.0

CVE-2025-68493HIGH8.12.0.0 – 2.2.1

CVE-2023-41835HIGH7.52.0.0 – 2.5.31

CVE-2023-41835HIGH7.56.1.2.1 – 6.3.0

CVE-2025-64775HIGH7.52.0.0 – 6.7.0

CVE-2025-64775HIGH7.57.0.0 – 7.0.3

CVE-2023-34149MEDIUM4.30 – 6.1.2

CVE-2023-34149MEDIUM4.30 – 2.5.30

CVE-2023-34396MEDIUM4.30 – 6.1.2

CVE-2023-34396MEDIUM4.30 – 2.5.30

CVE-2015-2992UNRATEDbefore 2.3.20 – before 2.3.20

CVE-2016-6795UNRATED2.3.x before 2.3.31 – 2.3.x before 2.3.31

CVE-2016-6795UNRATED2.5.x before 2.5.5 – 2.5.x before 2.5.5

CVE-2016-8738UNRATED2.5 - 2.5.5 – 2.5 - 2.5.5

CVE-2017-12611UNRATED2.5 - 2.5.10.1 – 2.5 - 2.5.10.1

CVE-2017-12611UNRATED2.0.0 - 2.3.33 – 2.0.0 - 2.3.33

CVE-2017-15707UNRATED2.5 to 2.5.14 – 2.5 to 2.5.14

CVE-2017-7672UNRATED2.5 to 2.5.10.1 – 2.5 to 2.5.10.1

CVE-2017-9787UNRATED2.5 to 2.5.10.1 – 2.5 to 2.5.10.1

CVE-2017-9787UNRATED2.3.x prior to 2.3.33 – 2.3.x prior to 2.3.33

CVE-2017-9793UNRATED2.3.7 - 2.3.33 – 2.3.7 - 2.3.33

CVE-2017-9793UNRATED2.5 - 2.5.12 – 2.5 - 2.5.12

CVE-2017-9793UNRATED2.1.x series – 2.1.x series

CVE-2017-9804UNRATED2.3.7 - 2.3.33 – 2.3.7 - 2.3.33

CVE-2017-9804UNRATED2.5 - 2.5.12 – 2.5 - 2.5.12

CVE-2018-1327UNRATEDApache Struts 2.1.1 to 2.5.14.1 – Apache Struts 2.1.1 to 2.5.14.1

CVE-2021-31805UNRATED2.0.0 to 2.5.29 – 2.0.0 to 2.5.29

CVE-2023-50164UNRATED6.0.0 – 6.3.0.1

CVE-2023-50164UNRATED2.0.0 – 2.5.32

CVE-2024-53677UNRATED2.0.0 – 6.4.0