...
List of Security Bulletins with Affected Version Changes
Security Bulletin | Previously announced Affected Releases | Updated Affected Releases | Minimum Fix Versions | CVE Identifier |
---|---|---|---|---|
S2-002 | 2.0.0 - 2.0.11 | 2.0.0 - 2.1.8.1 | 2.2.1 | |
S2-003 | 2.0.0 - 2.0.11.2 | 2.0.0 - 2.1.8.1 | 2.2.1 | CVE-2008-6504 |
S2-004 | 2.0.0 - 2.0.11.2 | 2.0.0 - 2.0.11.2 2.1.0 - 2.1.2 | 2.0.12 2.1.6 | CVE-2008-6505 |
S2-008 | 2.1.0 - 2.3.1 | 2.0.0 - 2.2.3 2.0.0 - 2.3.17 | 2.2.3.1 2.3.18 | CVE-2012-0391 CVE-2012-0394 |
S2-012 | Struts Showcase App 2.0.0 - 2.3.13 | 2.0.0 - 2.3.14.2 | 2.3.14.3 | CVE-2013-1965 |
S2-013 | 2.0.0 - 2.3.13 | 2.0.0 - 2.3.14.1 | 2.3.14.2 | CVE-2013-1966 |
S2-020 | 2.0.0 - 2.3.16 | 2.0.0 - 2.3.16.1 | 2.3.16.2 | CVE-2014-0094 |
S2-021 | 2.0.0 - 2.3.16.1 | 2.0.0 - 2.3.16.3 | 2.3.20 | CVE-2014-0112 CVE-2014-0113 |
S2-022 | 2.0.0 - 2.3.16.1 | 2.0.0 - 2.3.16.3 | 2.3.20 | CVE-2014-0116 |
...
S2-041 | 2.3.20 - 2.3.28.1 2.5 | 2.3.20 - 2.3.28.1 2.5 - 2.5.12 | 2.3.29 2.5.13 | CVE-2016-4465 |
S2-042 | 2.3.20 - 2.3.30 | 2.3.1-2.3.30 2.5 - 2.5.2 | 2.3.31 2.5.5 | CVE-2016-6795 |
S2-044 | 2.5 - 2.5.5 | 2.5 - 2.5.12 | 2.5.13 | CVE-2016-8738 |
S2-048 | Struts Showcase App 2.3.x | 2.1.x - 2.3.x | - | CVE-2017-9791 |
S2-051 | 2.3.7 - 2.3.33 2.5 - 2.5.12 | 2.1.6 - 2.3.33 2.5 - 2.5.12 | 2.3.34 2.5.13 | CVE-2017-9793 |
S2-053 | 2.0.1-2.3.33 2.5-2.5.10 | 2.0.0-2.3.33 2.5-2.5.10.1 | 2.3.34 2.5.12 | CVE-2017-12611 |
Workaround
Note |
---|
This is a temporal weak workaround. Please upgrade to Apache Struts version 2.3.35 or 2.5.17 ASAP because they also contain critical overall proactive security improvements |
...