Archive

Attackers Focus on Apache OFBiz Bug

Threat actors are targeting a critical flaw in the Apache OFBiz platform that was disclosed in late December.

Apache Fixes Critical Struts Flaw

The Apache Software Foundation has released updates to address a critical file upload vulnerability (CVE-2023-50164) in Struts.

Threat Actors Target Apache ActiveMQ Flaw

Apache disclosed this flaw and released patches for it on Oct. 25, and proof-of-concept exploit code is also available for the bug.

Apache Patches Two Important Bugs in Web Server

The Apache Software Foundation has fixed two important security flaws in version 2.4.56 of its HTTP Server.

Critical-Severity Flaw in Apache Commons Text Library Fixed

Details about the severity and scope of the vulnerability are still emerging, including the detection of any examples of real-world applications using vulnerable configurations of the impacted library.