CVE-2024-32113

CVE-2024-32113: Apache OFBiz: Path traversal leading to RCE

Vendor Apache Software Foundation

Product Apache OFBiz

Weakness CWE-22 · Path traversal

Published May 8, 2024

Last update October 21, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue.

Key dates

Disclosure timeline

May 8, 2024 CVE published

October 21, 2025 Record updated