Apache Product Security Update Advisory (CVE-2024-53677)

Dec 17 2024

Overview

We have released security updates to fix vulnerabilities in Apache products. users of affected products are advised to update to the latest version.

Affected Products

CVE-2024-53677

Apache Struts versions: 2.at least 0.0 (inclusive) to 2.3.37 (inclusive)
Apache Struts versions: 2.5.0 at least (inclusive) to 2.5.33 (inclusive)
Apache Struts Versions: 6.0.0 at least (inclusive) to 6.3.0.2 (inclusive)

Resolved Vulnerabilities

Remote code execution vulnerability in Apache Struts (CVE-2024-53677)

Vulnerability Patches

vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-53677

Apache Struts version: 6.4.0 and at least version 6.4.0

references

[1] CVE-2024-53677 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-53677

[2] cwiki.apache.org

https://cwiki.apache.org/confluence/display/WW/S2-067

Apache Product Security Update Advisory (CVE-2024-53677)

Cleo Product Security Update Advisory (CVE-2024-50623)

IBM Product Security Update Advisory

Tags:

Cleo Product Security Update Advisory (CVE-2024-50623)

IBM Product Security Update Advisory