CVE-2024-47208

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47208
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47208.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-47208
Published
2024-11-18T09:15:06Z
Modified
2025-06-27T11:00:02.675315Z
Summary
[none]
Details

Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.

This issue affects Apache OFBiz: before 18.12.17.

Users are recommended to upgrade to version 18.12.17, which fixes the issue.

References

Affected packages

Git / github.com/apache/ofbiz-framework

Affected ranges

Type
GIT
Repo
https://github.com/apache/ofbiz-framework
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
de26aaebb484c7fdfe84b0efff52f31f8db5be8b

Affected versions

release18.*

release18.12.01
release18.12.02
release18.12.03
release18.12.04
release18.12.05
release18.12.12
release18.12.13
release18.12.14
release18.12.15
release18.12.16