oss-sec mailing list archives
CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability
From: Jacques Le Roux <jleroux () apache org>
Date: Mon, 10 Apr 2023 09:21:11 +0000
Severity: important Description: Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz.This issue affects Apache OFBiz: before 18.12.07. Required Configurations: Using the Solr plugin Solution: Upgrade to release 18.12.07 Credit: Skay <lhcaomail () gmail com> (finder) References: https://lists.apache.org/list.html?announce () apache org https://ofbiz.apache.org/download.html https://ofbiz.apache.org/security.html https://ofbiz.apache.org/ https://www.cve.org/CVERecord?id=CVE-2022-47501
Current thread:
- CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Jacques Le Roux (Apr 10)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Seth Arnold (Apr 17)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Jacques Le Roux (Apr 18)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Seth Arnold (Apr 18)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Jacques Le Roux (Apr 19)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Jacques Le Roux (Apr 18)
- Re: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Seth Arnold (Apr 17)