CVE-2025-66675
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion.
This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3.
Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.
It's related to https://cve.org/CVERecord?id=CVE-2025-64775 - this CVE addresses missing affected version 6.7.4
| Software | From | Fixed in |
|---|---|---|
| apache / struts | 2.0.0 | 2.3.37.x |
| apache / struts | 2.5.0 | 2.5.33.x |
| apache / struts | 6.0.0 | 6.8.0 |
| apache / struts | 7.0.0 | 7.1.1 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime