CVE-2024-47208
CVSS V2 None
CVSS V3 None
Description
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: before 18.12.17.
Users are recommended to upgrade to version 18.12.17, which fixes the issue.
Overview
- CVE ID
- CVE-2024-47208
- Assigner
- apache
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-18T08:43:17.743Z
- Last Modified Date
- 2024-11-18T09:03:46.416Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://ofbiz.apache.org/download.html | mitigation product release-notes |
https://ofbiz.apache.org/security.html | patch |
https://issues.apache.org/jira/browse/OFBIZ-13158 | issue-tracking |
https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11 | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-47208 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47208 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-19 13:18:47 | Added to TrackCVE |