VDB
GCVE-110-MAGEIA-2013-292
GCVE-110-MAGEIA-2013-292
Advisory Published
Updated openjpa packages fix security vulnerability:
The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates
local executable JSP files containing logging trace data produced during
deserialization of certain crafted OpenJPA objects, which makes it easier
for remote attackers to execute arbitrary code by creating a serialized
object and leveraging improperly secured server programs (CVE-2013-1768).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | openjpa | 0 (affected), 2.0.0-1.1.mga2 (unaffected) | — |
| Mageia | openjpa | 0 (affected), 2.2.0-3.1.mga3 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.