Apache Security Advisory (AV23-748)

We want to bring to your attention a recent security advisory issued by Apache on December 4, 2023, addressing a vulnerability in the following products:

  • Apache Struts – versions 2.0.0 to 2.3.37 (End of Life)
  • Apache Struts – versions 2.5.0 to 2.5.32
  • Apache Struts – versions 6.0.0 to 6.3.0

The Canadian Centre for Cyber Security strongly encourages users and administrators to review the details provided in the web link, perform the suggested mitigations, and apply the necessary updates to ensure the security of your systems.

Your prompt attention to this matter is crucial to maintaining the integrity and security of your systems. If you have any questions or concerns, please do not hesitate to contact our support team.