Apache Patches Two Vulnerabilities in Struts Including Potential Remote Code Execution (CVE-2019-0230)
The Apache Struts Security Team recently published security bulletins to address CVE-2019-0230 and CVE-2019-0233, two vulnerabilities in Apache Struts version 2.
Of the two flaws, CVE-2019-0230 is the more severe, as there is potential for remote code execution through exploitation of this vulnerability. However, exploitation is not so straightforward, as each Struts application is unique, which means an attacker would need to craft their attacks for each vulnerable server. There are already multiple proof-of-concept code snippets in circulation that reportedly exploit this vulnerability.
For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.