-
1. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
mchoma Sep 8, 2017 9:12 AM (in response to billyaung)AFAIK, no. Wildfly delivers RestEasy as REST framework.
-
2. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
jaikiran Sep 8, 2017 9:17 AM (in response to billyaung)Struts is a web application development framework that can be used to develop web applications to deploy to (Java EE) servers. WildFly doesn't internally use or rely on Struts. Neither does it package that library.
-
3. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
gir489 Sep 8, 2017 12:07 PM (in response to billyaung)Yes, there does seem to be a lot of RCE exploits against Struts 2. Our project uses Struts 1. This was chosen for legacy reasons, but a small contributing factor was the large amount of targeted and crafted exploits against the Struts 2 framework.
-
4. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
billyaung Sep 10, 2017 9:34 PM (in response to gir489)Hi ,
@Robert , so Wildfly uses Struts 1?
Forgive me but I have 2 people saying Struts not used and 1 people stating that it does use Struts 1.
Thank you
-
5. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
ctomc Sep 11, 2017 4:30 AM (in response to billyaung)There is no version of struts anywhere in WildFly.
Not sure how can I tell that more clearly.
-
6. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
gir489 Sep 11, 2017 1:35 PM (in response to billyaung)No, read what I said. I said our project uses Struts 1. Wildfly is just an application server.
-
7. Re: Apache Struts 2 Vulnerability and its impact on the Wildfly 10.1.0
billyaung Sep 11, 2017 9:32 PM (in response to gir489)Yes. But then you could be one of the developers of Wildfly. If so , our project = Wildfly.
Yes , I had thought of that you could be having an application project on top of Wildfly and are referencing to it.
But I had to be sure.
Thanks