CVE-2024-36104

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36104

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36104.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-36104

Published

2024-06-04T08:15:10Z

Modified

2025-07-03T02:50:08.612195Z

Summary

[none]

Details

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14.

Users are recommended to upgrade to version 18.12.14, which fixes the issue.

References

Affected packages

Git / github.com/apache/ofbiz-framework

Affected ranges

Type: GIT
Repo: https://github.com/apache/ofbiz-framework
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

cb8c65124bca100b109f3cd1f7008a32239f3255

Affected versions

release18.*

release18.12.01

release18.12.02

release18.12.03

release18.12.04

release18.12.05

release18.12.12

release18.12.13