Lucene search

K

[email protected]CVE-2024-25065

HistoryFeb 29, 2024 - 1:44 a.m.

CVE-2024-25065

2024-02-2901:44:14

CWE-22

[email protected]

web.nvd.nist.gov

1769

cve-2024-25065

apache ofbiz

path traversal

authentication bypass

upgrade

nvd

7.6 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.0%

Possible path traversal in Apache OFBiz allowing authentication bypass.
Users are recommended to upgrade to version 18.12.12, that fixes the issue.

References

www.openwall.com/lists/oss-security/2024/02/28/10

issues.apache.org/jira/browse/OFBIZ-12887

lists.apache.org/thread/rplfjp7ppn9ro49oo7jsrpj99m113lfc

ofbiz.apache.org/download.html

ofbiz.apache.org/release-notes-18.12.12.html

ofbiz.apache.org/security.html

7.6 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.0%

Related for CVE-2024-25065

cvelist1 prion1