Homepage

com.liferay.portal:com.liferay.portal.impl vulnerabilities

Licenses: LGPL-2.1
Published: 9 years ago Last updated: 4 months ago Latest version: 114.1.0

License

LGPL-2.1[1.0.0,);
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the com.liferay.portal:com.liferay.portal.impl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Use of Web Browser Cache Containing Sensitive Information

[,69.0.0)
  • M
Brute Force

[,60.0.0)
  • M
Cleartext Storage of Sensitive Information

[,93.0.0)
  • M
Missing Authentication for Critical Function

[,97.0.0)
  • M
Allocation of Resources Without Limits or Throttling

[,97.0.0)
  • M
Cross-site Scripting (XSS)

[0,)
  • M
Authorization Bypass Through User-Controlled Key

[,99.0.1)
  • M
Directory Traversal

[,96.0.0)
  • M
Unchecked Input for Loop Condition

[,96.0.0)
  • M
Open Redirect

[,93.0.0)
  • M
Use of Default Credentials

[,97.0.0)
  • M
Server-side Request Forgery (SSRF)

[,113.1.0)
  • M
Insertion of Sensitive Information Into Sent Data

[,108.1.1)
  • M
Cross-site Scripting (XSS)

[,110.0.0)
  • M
Timing Attack

[,110.0.0)
  • M
Information Exposure

[,111.0.0)
  • M
Cross-site Scripting (XSS)

[,109.1.0)
  • M
Open Redirect

[,25.0.0)
  • M
Observable Discrepancy

[,40.0.0)
  • M
Insecure Default Initialization of Resource

[,37.0.0)
  • M
Open Redirect

[,31.0.2)
  • M
Incorrect Authorization

[,7.8.0)
  • H
Incorrect Authorization

[,8.2.1)
  • M
Insertion of Sensitive Information Into Sent Data

[,8.0.0)
  • C
Cross-site Scripting (XSS)

[,7.8.0)
  • M
Cross-site Request Forgery (CSRF)

[,5.25.0)
  • M
Observable Discrepancy

[,7.8.0)
  • M
Insecure Default Initialization of Resource

[,5.5.4)
  • M
Arbitrary File Write via Archive Extraction (Zip Slip)

[,47.1.0)
  • M
Open Redirect

[,7.9.0)
  • M
Access Restriction Bypass

[,6.05)
  • M
Information Exposure

[,5.11.0)
  • M
Improper Validation

[,5.7.3)
  • M
Information Exposure

[,5.11.0)
  • M
Improper Authorization

[,5.9.0)
  • M
Privilege Escalation

[,5.16.4)
  • M
Arbitrary File Access

[7.2.0,7.4.0)[0,7.1.3)
  • C
Deserialization of Untrusted Data

[4.0.0,4.7.0)[3.0.0,3.49.0)[,2.65.3)
  • M
Cross-site Scripting (XSS)

[,2.15.0)

Package versions

1622 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
114.1.013 Jul, 2025
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
114.0.05 Jul, 2025
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
113.1.24 Jul, 2025
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
113.1.123 Jun, 2025
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
113.1.021 Jun, 2025
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
113.0.214 Jun, 2025
  • 0
    C
  • 0
    H
  • 2
    M
  • 0
    L
113.0.131 May, 2025
  • 0
    C
  • 0
    H
  • 2
    M
  • 0
    L
113.0.031 May, 2025
  • 0
    C
  • 0
    H
  • 2
    M
  • 0
    L
112.0.01 May, 2025
  • 0
    C
  • 0
    H
  • 2
    M
  • 0
    L
111.0.14 Apr, 2025
  • 0
    C
  • 0
    H
  • 2
    M
  • 0
    L