Apache OFBiz has unsafe deserialization prior to 17.12.07 version
References
Configurations
History
20 Sep 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MLIST) https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory |
11 Aug 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Jun 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-04-27 20:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-30128
Mitre link : CVE-2021-30128
CVE.ORG link : CVE-2021-30128
JSON object : View
Products Affected
apache
- ofbiz
CWE
CWE-502
Deserialization of Untrusted Data