2 matches found
CVE-2022-29158
CVE-2022-29158 affects Apache OFBiz up to version 18.12.05. The issue is a Regular Expression Denial of Service (ReDoS) in how OFBiz handles URLs provided by external, unauthenticated users. Several trusted sources in the connected set corroborate this vulnerability and the remediation: upgrade t...
CVE-2022-29158 Regular Expression Denial of Service (ReDoS) vulnerability in Apache OFBiz
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service ReDoS in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599...