COOEY // HUBcompliance · community · intelligence

FAIL › dossier

OFBiz product

3
failure events
0
zero-days
3
RCEs
3
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2025-02-04 CVE-2024-45195 high ⚡RCE ⌖KEV 65 Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.
2024-08-27 CVE-2024-38856 high ⚡RCE ⌖KEV 65 Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker.
2024-08-07 CVE-2024-32113 high ⚡RCE ⌖KEV 65 Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.