Security Advisory

CVE-2022-29158

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-02 07:10:20

Last updated 2024-08-03 06:10:59

Assigner apache

State PUBLISHED

Description

Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599

← Browse all CVEs View on cve.org ↗