RE: CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability

Tue, 11 Apr 2023 00:12:08 -0700 

Hello Jacques!!
I have a question, is it necessary to update the entire project or just the Solr plugin? 

On 2023/04/10 09:21:12 Jacques Le Roux wrote:
> Severity: important
>
> Description:
>

> Arbitrary file reading vulnerability in Apache Software Foundation 
Apache OFBiz.This issue affects Apache OFBiz: before 18.12.07.

>
> Required Configurations:
>
> Using the Solr plugin
>
> Solution:
>
> Upgrade to release 18.12.07
>
> Credit:
>
> Skay (finder)
>
> References:
>
> https://lists.apache.org/list.html?annou...@apache.org
> https://ofbiz.apache.org/download.html
> https://ofbiz.apache.org/security.html
> https://ofbiz.apache.org/
> https://www.cve.org/CVERecord?id=CVE-2022-47501
>
>






















					Reply via email to