Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
None
Description
Apache Struts was imported into Chukwa as dependency by velocity-tools. Struts has a high severity security defect, which is described in CVE-2017-9805. Struts 2.13 patched this security defect, and Chukwa should consider upgradeing to the latest Apache Struts.