Search cyberveille.decio.ch

Found 6 bookmarks

Custom sorting

7 December 2023 - Apache Struts version 6.3.0.2 General Availability

7 December 2023 - Apache Struts version 6.3.0.2 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” release. The GA designation is our highest quality grade. The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework has been designed to streamline the full development cycle, from building, to deploying, to maintaining applications over time. This version addresses a potential security vulnerability identified as CVE-2023-50164 and described in S2-066 - please read the mentioned security bulletins for more details. This is a drop-in replacement and upgrade should be straightforward.

#apache.org #EN #2023 #CVE-2023-50164 #Apache #Struts #annonce #Vulnerability

·struts.apache.org·Dec 18, 2023

7 December 2023 - Apache Struts version 6.3.0.2 General Availability

CVE-2023-50164

Apache Struts is a popular Java web application framework. On December 7, 2023 Apache published an advisory for CVE-2023-50164, a Struts parameter pollution vu…

#attackerkb #EN #2023 #CVE-2023-50164 #Apache #Struts #analysis

·attackerkb.com·Dec 15, 2023

CVE-2023-50164

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

On October 27, Rapid7 Managed Detection & Response identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in 2 separate customer environments.

#rapid7 #EN #2023 #CVE-2023-46604 #Apache #ActiveMQ

·rapid7.com·Nov 4, 2023

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Cyber experts and officials raise alarms about exploits against Citrix and Apache productsoited vulnerability (KEV) list.

Several new vulnerabilities with critical severity scores are causing alarm among experts and cyber officials. Zero-day bugs affecting products from Citrix and Apache have recently been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) known exploited vulnerability (KEV) list. Incident responders at the cybersecurity company Rapid7 warned of hackers connected to the HelloKitty ransomware exploiting a vulnerability affecting Apache ActiveMQ, classified as CVE-2023-46604. Apache ActiveMQ is a Java-language open source message broker that facilitates communication between servers.

#therecord #EN #2023 #CVE-2023-46604 #Apache #ActiveMQ #Citrix

·therecord.media·Nov 3, 2023

Cyber experts and officials raise alarms about exploits against Citrix and Apache productsoited vulnerability (KEV) list.

CVE-2023-46604

Apache ActiveMQ is a message broker service, designed to act as a communication bridge between disparate services. Developed in Java, it can broker multiple pr…

#attackerkb #EN #2023 #analysis #CVE-2023-46604 #Apache #ActiveMQ

·attackerkb.com·Nov 1, 2023

CVE-2023-46604

Tomcat Under Attack: Exploring Mirai Malware and Beyond

Tomcat Vulnerability explore some of the techniques used by the Mirai botnet to exploit a single attack directed at one of our Apache Tomcat honeypots.

#aquasec #EN #2023 #Tomcat #Mirai #botnet #Apache

·blog.aquasec.com·Jul 31, 2023

Tomcat Under Attack: Exploring Mirai Malware and Beyond