Description
Apache OFBiz has unsafe deserialization prior to 17.12.07 version
References
http://www.openwall.com/lists/oss-security/2021/04/27/5
Mailing ListPatchThird Party Advisory
Mailing ListMitigationVendor Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2021-04-27T20:15:08.903
4 years agoLast modified
2023-11-07T03:32:58.600
1 year ago