Software Integrity Blog

Author Archive

Stephen Mort

stephen-mort

Stephen is a vulnerability analyst who has been involved in open source software for over decade.


Posts by Stephen Mort:

 

CVE-2017-5638: Anatomy of the Apache Struts vulnerability

With good reason, a lot of attention has been given to the recent vulnerability in the Struts MVC framework (CVE-2017-5638). Because of its extensive functionality, Struts is a widely used open source component in web applications. However, these same benefits and Struts’ integration with other frameworks can make upgrades and patches challenging. My goal is to […]

Continue Reading...

Posted in Data Breach, Open Source Security | Comments Off on CVE-2017-5638: Anatomy of the Apache Struts vulnerability