Apache OFBiz has unsafe deserialization prior to 17.12.07 version
References
Configurations
History
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
20 Sep 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MLIST) https://lists.apache.org/thread.html/rab718cfe6468085d7560c0c1ae816841e175886199f42e36efb8d735@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r078351a876ed284ba667b33aba29428d7308a5bd4df78f14a3df6661@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory |
11 Aug 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Jun 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 May 2021, 15:00
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.apache.org/thread.html/rbe512e5ccd6b11169c6379daa1234bc805f3d53c5a38224e956295ce@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cannounce.apache.org%3E - Mailing List, Mitigation, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rb82f41de3c44bb644632531f79649046ca76afeab25a2bdb9991ab84@%3Cnotifications.ofbiz.apache.org%3E - Mailing List, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cuser.ofbiz.apache.org%3E - Mailing List, Mitigation, Vendor Advisory | |
References | (MISC) https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E - Mailing List, Mitigation, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r108a964764b8bd21ebd32ccd4f51c183ee80a251c105b849154a8e9d@%3Ccommits.ofbiz.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E - Mailing List, Mitigation, Vendor Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/04/27/5 - Mailing List, Patch, Third Party Advisory | |
CWE | CWE-502 | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CPE | cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* |
27 Apr 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Apr 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-27 20:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-30128
Mitre link : CVE-2021-30128
CVE.ORG link : CVE-2021-30128
JSON object : View
Products Affected
apache
- ofbiz
CWE
CWE-502
Deserialization of Untrusted Data