VYPR
Moderate severityNVD Advisory· Published Jun 14, 2023· Updated Feb 13, 2025

Apache Struts: DoS via OOM owing to not properly checking of list bounds

CVE-2023-34149

Description

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2.

Upgrade to Struts 2.5.31 or 6.1.2.1 or greater.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.struts:struts2-coreMaven
< 2.5.312.5.31
org.apache.struts:struts2-coreMaven
>= 6.0.0, < 6.1.2.16.1.2.1

Affected products

2

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.