VDB

GCVE-110-MAGEIA-2013-292

GCVE-110-MAGEIA-2013-292
Advisory Published
Vulnetix · Advisory published October 5, 2013
Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs (CVE-2013-1768).

Affected Products

VendorProductVersionsPlatforms
Mageiaopenjpa0 (affected), 2.0.0-1.1.mga2 (unaffected)
Mageiaopenjpa0 (affected), 2.2.0-3.1.mga3 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›