View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-7672 medium priority: Ubuntu including 1 source packages (libstruts1.2-java), 5 status rows across 5 suites (trusty, upstream, xenial, yakkety, zesty): DNE 4, not-affected 1.
If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12.