CVE-2024-36104

June 4, 2024, 4:57 p.m.

Product(s) Impacted

Apache OFBiz

  • before 18.12.14

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14. Users are recommended to upgrade to version 18.12.14, which fixes the issue.

Weaknesses

Date

Published: June 4, 2024, 8:15 a.m.

Last Modified: June 4, 2024, 4:57 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@apache.org

References