- Description
- Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- struts
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security@apache.org
- CWE-459
- Hype score
- Not currently trending
#VulnerabilityReport #ApacheStruts CVE-2025-64775: Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion https://t.co/Eem2anCk63
@Komodosec
7 Jan 2026
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-64775: Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) https://t.co/x3Tn04l4Z1 Severity: important
@oss_security
4 Dec 2025
872 Impressions
0 Retweets
3 Likes
2 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-64775 : Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion 🔗FOFA Link: https://t.co/UxNi7CYuu4 🎯2.6m+ Results are found on the https://t.co/pb16tGXCUG nearly year. FOFA Query: app="Struts2" 🔖Refer: https://t.co/SptNSA6REN #OSINT #
@fofabot
3 Dec 2025
1389 Impressions
3 Retweets
15 Likes
6 Bookmarks
0 Replies
0 Quotes
Apache Strutsでディスク枯渇のDoS脆弱性"File Leak"が修正。CVE-2025-64775 (S2-068)が採番されている。ロジック不備に起因し、multipartリクエスト時に作成される一時ファイルが適切に削除されない場合があり、大量リク
@__kokumoto
2 Dec 2025
713 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-64775 : Denial of Service vulnerability in Apache Struts 📊2.3M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/iVneFHpiWK 👇Query HUNTER : https://t.co/q9rtuGfZuz="Apache Struts" 📰Refer:https://t.co/6ElroFQ437
@HunterMapping
2 Dec 2025
2321 Impressions
7 Retweets
34 Likes
9 Bookmarks
2 Replies
0 Quotes
CVE-2025-64775 Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 thro… https://t.co/CwAgKludxX
@CVEnew
1 Dec 2025
141 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D11388-EEE4-40F9-939E-E22BF85AFC3D",
"versionEndExcluding": "6.8.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D73897-58B2-4229-A621-B651E4797241",
"versionEndExcluding": "7.1.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]