Vendor Patch ExistsVendor Resources
| Resource | Link |
|---|---|
| Apache Struts Announcements | https://struts.apache.org/announce-2021 |
Community Resources
| Resource | Link |
|---|---|
| Apache Struts Announcements | https://struts.apache.org/announce-2021 |
| Apache Struts Release Downloads | https://struts.apache.org/download.cgi#struts-ga |
Community Notes
| Source | Note |
|---|---|
| NCSC-NL | CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix |
| NCSC-NL | The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). |
| CISAGov | The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). |
| CISAGov | Last Update: 12/21/2021 |
Sources
| Date | Attribution | Description |
|---|---|---|
| 2021-12-31 9:06:53 | NCSC-NL | Updated vendorPatchExists. Updated community note. Updated community link Apache Struts Announcements. Updated community note. |
| 2021-12-30 21:31:50 | CISAGov | Updated vendorPatchExists. Updated vendor link Apache Struts Announcements. Updated community link Apache Struts Release Downloads. Updated community note. Updated community note. |