CVE-2024-25065
published 2024-02-29CVE-2024-25065: Possible path traversal in Apache OFBiz allowing authentication bypass. Users are recommended to upgrade to version 18.12.12, that fixes the issue.
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
Possible path traversal in Apache OFBiz allowing authentication bypass.
Users are recommended to upgrade to version 18.12.12, that fixes the issue.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ofbiz | < 18.12.12 | 18.12.12 |
| apache | ofbiz | — | — |
| apache_software_foundation | apache_ofbiz | < 18.12.12 | 18.12.12 |