Dear Prachi, Struts is an Apache project, while syslog-ng provides versatile logging possibilites for unix platforms and has a separate code base. Could you please tell me from what aspect an Apache Struts vulnerability you suspect to affect syslog-ng? (in a way that the flaw should be corrected on syslog-ng's side) BR: Dw. -- dr Tóth Attila, Radiológus, 06-20-825-8057 Attila Toth MD, Radiologist, +36-20-825-8057 2023.December 14.(Cs) 08:14 időpontban Mayekar, PrachiX ezt írta:

Hi Team,

Can you please confirm whether Syslog is affected by this vulnerability:

Critical Severity Security Advisory: Apache Struts Vulnerability CVE-2023-50164

Thanks & Regards, Prachi Mayekar ITI-Network Services A Contingent Worker at Intel For assistance, please visit us at https://it.intel.com<https://it.intel.com/>

______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq