VDB
CVE-2013-1768
CVE-2013-1768
REJECTED
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs.
EPSS 14.60% · 94.6th percentile
Risk Scores
EPSS Score
14.60%
94.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | openjpa | 0 |
| Ubuntu:14.04:LTS | openjpa | 0, 2.0.1-1 |
Timeline
- Jul 11, 2013 CVE Published
- Apr 19, 2018 CVE Updated
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 8, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2013-1768 third-party-advisory
- http://xforce.iss.net/xforce/xfdb/82268 third-party-advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21635999 third-party-advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86791 third-party-advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86788 third-party-advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86786 third-party-advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM86780 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462558 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462512 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462488 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462328 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462318 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462268 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462225 third-party-advisory
- http://svn.apache.org/viewvc?view=revision&revision=1462076 third-party-advisory
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0099.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2013-1768 third-party-advisory