Security Advisory

CVE-2025-66675

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-10 09:32:58

Last updated 2025-12-10 14:53:13

Assigner apache

State PUBLISHED

Description

Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. Its related to https://cve.org/CVERecord?id=CVE-2025-64775 - this CVE addresses missing affected version 6.7.4

← Browse all CVEs View on cve.org ↗