CVE-2024-36104
published 2024-06-04CVE-2024-36104: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14…
critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EXPLOIT
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14.
Users are recommended to upgrade to version 18.12.14, which fixes the issue.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | ofbiz | < 18.12.14 | 18.12.14 |
| apache | ofbiz | — | — |
| apache_software_foundation | apache_ofbiz | < 18.12.14 | 18.12.14 |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
vulncheck9.1CRITICAL