Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2024-23946 | Medium | Feb 29, 2024 | Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, that fixes the issue. |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|
|
CVE-2023-51467 | Critical | Dec 26, 2023 | The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|
|
CVE-2023-50968 | High | Dec 26, 2023 | Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The more... |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|
|
CVE-2023-49070 | Critical | Dec 05, 2023 | Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Use more... |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|
|
CVE-2023-46819 | Medium | Nov 07, 2023 | Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users more... |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|
|
CVE-2022-47501 | BDSA-2023-0799 | High | Apr 14, 2023 | Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a pre-authentication attack. This more... |
18.12.06, 17.12.09, 18.12.05, 18.12.04, 18.12.03, 18.12.02, 18.12.01, 17.12.08, 17.12.07, 17.12.06
|