Apache OFBiz users urged to install latest version fast

Software developers using the open-source Apache OFBiz enterprise resource management and e-commerce suite are being urged to apply the latest security update after the discovery of a critical vulnerability that could allow a business to be hacked.

In technical terms, the vulnerability is called a Java serialization problem. Briefly, serialization converts a Java object into a byte stream which can be saved into a file on a local disk or sent over the network to any other machine. Deserialization reverses the process, restoring the serialized byte stream to an object again. This particular bug in OFBiz allows unsafe deserialization in versions prior to 17.12.06.

“An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz,” notes the description…


Source link

About coldfusion

Check Also

Ex-Woodford holdings continue to knock Schroders trust as NAV plunges 20%

Neil Woodford’s former holdings have continued to haunt his former trust inherited by Schroders which has …

Leave a Reply

Your email address will not be published. Required fields are marked *