CVE-2024-45195

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-45195
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45195.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-45195
Published
2024-09-04T09:15:04.397Z
Modified
2025-11-20T12:28:29.536135Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Direct Request ('Forced Browsing') vulnerability in Apache OFBiz.

This issue affects Apache OFBiz: before 18.12.16.

Users are recommended to upgrade to version 18.12.16, which fixes the issue.

References

Affected packages

Git / github.com/apache/ofbiz-framework

Affected ranges

Type
GIT
Repo
https://github.com/apache/ofbiz-framework
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1c94327c9930510984c23cb49abdd4da2376b33e

Affected versions

release18.*

release18.12.01
release18.12.02
release18.12.03
release18.12.04
release18.12.05
release18.12.12
release18.12.13
release18.12.14
release18.12.15

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "source": "https://github.com/apache/ofbiz-framework/commit/1c94327c9930510984c23cb49abdd4da2376b33e",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "139276705264638135234348526944819121168",
                "280657747080864602811420923693357412148",
                "299546659385001562185013724163742407040",
                "282388399963672273524809999680571151371",
                "217213491260005144244429196559289594723",
                "132280997078376151040218504804757199918",
                "60342324352989191783523153883833875560",
                "95243508427266037873753875418369422890",
                "299546659385001562185013724163742407040"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2024-45195-0f3f7754",
        "target": {
            "file": "framework/base/src/main/java/org/apache/ofbiz/base/util/UtilValidate.java"
        }
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45195.json"