all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-50164: Another vulnerability in the widely used Apache Struts2 component

Add to bookmarks
Dec. 14, 2023, 9:39 p.m. | jwayman@sonatype.com (Jeff Wayman)

Sonatype Blog blog.sonatype.com




Yet another remote code execution vulnerability in Apache’s Struts2 Framework has been discovered - leaving many with strong feelings of Deja Vu. If you're a developer, it's not unreasonable to be concerned about how you may spend the final weeks of 2023.

apache apache struts2 code code execution cve cve-2023-50164 developer devzone feelings framework malware prevention may remote code remote code execution struts2 vulnerabilities vulnerability

Visit resource

More from blog.sonatype.com / Sonatype Blog

The overview effect: Two decades of unique perspective 6 days, 11 hours ago | blog.sonatype.com
data dependencies effect experience +9
Protecting your development environment: Lessons from Log4j and beyond 6 days, 12 hours ago | blog.sonatype.com
beyond development devops environment +10
Russia-linked 'Lumma' crypto stealer now targets Python devs 6 days, 13 hours ago | blog.sonatype.com
app build building coding +25
I have an SBOM, now what? 1 week, 4 days ago | blog.sonatype.com
food food industry industry origins +11
PyPI crypto-stealer targets Windows users, revives malware campaign 1 week, 4 days ago | blog.sonatype.com
campaign code crypto discovery +22
Zero-day vulnerabilities: A beginner's guide 2 weeks, 4 days ago | blog.sonatype.com
article beginner guide log4shell +8
The new Sonatype Learn: Self-service educational materials where and when you need them 3 weeks, 3 days ago | blog.sonatype.com
courses devops educational industry +15
The new Sonatype Learn: Self-service educational materials where and when you need them 3 weeks, 3 days ago | blog.sonatype.com
courses devops educational industry +15
Enhance security with Sonatype Lifecycle and ServiceNow Application Vulnerability Response (AVR) integration 3 weeks, 3 days ago | blog.sonatype.com
application application vulnerability integration integrations +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com