{"id":"CVE-2024-45195","details":"Direct Request ('Forced Browsing') vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.16.\n\nUsers are recommended to upgrade to version 18.12.16, which fixes the issue.","modified":"2026-04-10T21:41:38.992291Z","published":"2024-09-04T09:15:04.397Z","references":[{"type":"WEB","url":"https://ofbiz.apache.org/download.html"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/o90dd9lbk1hh3t2557t2y2qvrh92p7wy"},{"type":"ADVISORY","url":"https://ofbiz.apache.org/security.html"},{"type":"ADVISORY","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45195"},{"type":"REPORT","url":"https://issues.apache.org/jira/browse/OFBIZ-13130"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2024/09/03/6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/ofbiz-framework","events":[{"introduced":"0"},{"fixed":"1c94327c9930510984c23cb49abdd4da2376b33e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"18.12.16"}]}}],"versions":["release18.12.01","release18.12.02","release18.12.03","release18.12.04","release18.12.05","release18.12.12","release18.12.13","release18.12.14","release18.12.15"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_type":"Line","id":"CVE-2024-45195-0f3f7754","signature_version":"v1","source":"https://github.com/apache/ofbiz-framework/commit/1c94327c9930510984c23cb49abdd4da2376b33e","target":{"file":"framework/base/src/main/java/org/apache/ofbiz/base/util/UtilValidate.java"},"digest":{"line_hashes":["139276705264638135234348526944819121168","280657747080864602811420923693357412148","299546659385001562185013724163742407040","282388399963672273524809999680571151371","217213491260005144244429196559289594723","132280997078376151040218504804757199918","60342324352989191783523153883833875560","95243508427266037873753875418369422890","299546659385001562185013724163742407040"],"threshold":0.9}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45195.json","vanir_signatures_modified":"2026-04-10T21:41:38Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}