CVE-2022-29158

Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS) in the way it handles URLs provided by external, unauthenticated users. Upgrade to 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12599
Configurations

Configuration 1

cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*

Information

Published : 2022-09-02 07:15

Updated : 2022-09-09 02:36


NVD link : CVE-2022-29158

Mitre link : CVE-2022-29158

Products Affected
No products.