Known vulnerabilities in Apache Foundation OFBiz

Known vulnerabilities in Apache Foundation OFBiz

Vendor: Apache Foundation

Website: https://www.apache.org

Total Security Bulletins: 31

Security bulletins (31)

Secuity bulletin	Severity	Status	Published
SB2025111174: Multiple vulnerabilities in Apache OFBiz	Critical	Patched	11.11.2025
SB2025040396: Stored XSS in Apache OFBiz	Low	Patched	03.04.2025
SB2024112149: Multiple vulnerabilities in Apache OFBiz	High	Patched	21.11.2024
SB2024090378: Multiple vulnerabilities in Apache OFBiz	High	Patched Exploited	03.09.2024
SB2024080628: Remote code execution in Apache OFBiz	High	Patched Exploited	06.08.2024
SB2024061426: Path traversal in Apache OFBiz	High	Patched Exploited	14.06.2024
SB2024060530: Path traversal in Apache OFBiz	High	Patched	05.06.2024
SB2024030135: Path traversal in Apache OFBiz	Medium	Patched	01.03.2024
SB2024022314: Information disclosure in Apache OFBiz	Medium	Patched	23.02.2024
SB2023122715: Multiple SSRF vulnerabilities in Apache OFBiz	Critical	Patched Exploited	27.12.2023
SB2023120526: Remote code execution in Apache Ofbiz	High	Patched Public exploit	05.12.2023
SB2023041022: Arbitrary file read in Apache OFBiz	Medium	Patched	10.04.2023
SB2023041021: Multiple vulnerabilities in Apache OfBiz	High	Patched	10.04.2023
SB2021121621: Remote code execution in OFBiz (Apache Log4j component)	Critical	Patched Exploited	16.12.2021
SB2021042814: Remote code execution in Apache OFBiz	High	Patched Public exploit	28.04.2021
SB2021032101: Remote code execution in Apache OFBiz	High	Patched Public exploit	21.03.2021
SB2020071543: Cross-site scripting in OFBiz	Low	Patched Public exploit	15.07.2020
SB2020071539: Input validation error in OFBiz	Medium	Patched	15.07.2020
SB2020050405: Multiple vulnerabilities in Apache OFBiz	Medium	Patched Public exploit	04.05.2020
SB2020030804: XSS in Apache OFBiz	Low	Patched	08.03.2020

Showing elements 1 - 20 out of 31