This is a static archive of our old Q&A Site. Please post any new questions and answers at

Apache Struts Vulnarabilities


Apache Struts is a popular web application framework. There have been several Critical vulnerabilities (3 this year) being found across wide range of Struts versions. A new Apache Struts vulnerability was discovered and announced this week. All versions of struts 2.1-2.3 and 2.5-2.5.12 are vulnerable. The official Apache info is located here:
As of right now, the only remediation is to upgrade to the latest version that was released on 9/20 - 2.3.34 or 2.5.13.

Could you pls confirm to me asap that Wireshark and all application(s) used by Wireshark are using Struts or not. If any of them are using Struts could you pls supply the version?


asked 21 Sep '17, 05:04

profke's gravatar image

accept rate: 0%

One Answer:


Wireshark doesn't use Struts, it's entirely self-supporting.

As to other applications that "use" Wireshark, (considering it's not a framework or server for others to build on), who knows.

answered 21 Sep '17, 05:10

grahamb's gravatar image

grahamb ♦
accept rate: 22%

Thank you!

(21 Sep '17, 06:09) profke