5 matches found
CVE-2024-23946
Possible path traversal in Apache OFBiz allowing file inclusion. Users are recommended to upgrade to version 18.12.12, which fixes the issue.
CVE-2022-25370
Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious u...
CVE-2023-46819
Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users are recommended to upgrade to version 18.12.09.
CVE-2019-12426
An unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06.
CVE-2020-13923
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04.