Homepage

com.liferay.portal:com.liferay.portal.impl vulnerabilities

  • latest version

    114.1.0

  • first published

    9 years ago

  • latest version published

    3 months ago

  • licenses detected

  • package registry

    View on Maven Central Repository
    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the com.liferay.portal:com.liferay.portal.impl package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Use of Web Browser Cache Containing Sensitive Information

    [,69.0.0)
    • M
    Brute Force

    [,60.0.0)
    • M
    Cleartext Storage of Sensitive Information

    [,93.0.0)
    • M
    Missing Authentication for Critical Function

    [,97.0.0)
    • M
    Allocation of Resources Without Limits or Throttling

    [,97.0.0)
    • M
    Cross-site Scripting (XSS)

    [0,)
    • M
    Authorization Bypass Through User-Controlled Key

    [,99.0.1)
    • M
    Directory Traversal

    [,96.0.0)
    • M
    Unchecked Input for Loop Condition

    [,96.0.0)
    • M
    Open Redirect

    [,93.0.0)
    • M
    Use of Default Credentials

    [,97.0.0)
    • M
    Server-side Request Forgery (SSRF)

    [,113.1.0)
    • M
    Insertion of Sensitive Information Into Sent Data

    [,108.1.1)
    • M
    Cross-site Scripting (XSS)

    [,110.0.0)
    • M
    Timing Attack

    [,110.0.0)
    • M
    Information Exposure

    [,111.0.0)
    • M
    Cross-site Scripting (XSS)

    [,109.1.0)
    • M
    Open Redirect

    [,25.0.0)
    • M
    Observable Discrepancy

    [,40.0.0)
    • M
    Insecure Default Initialization of Resource

    [,37.0.0)
    • M
    Open Redirect

    [,31.0.2)
    • M
    Incorrect Authorization

    [,7.8.0)
    • H
    Incorrect Authorization

    [,8.2.1)
    • M
    Insertion of Sensitive Information Into Sent Data

    [,8.0.0)
    • C
    Cross-site Scripting (XSS)

    [,7.8.0)
    • M
    Cross-site Request Forgery (CSRF)

    [,5.25.0)
    • M
    Observable Discrepancy

    [,7.8.0)
    • M
    Insecure Default Initialization of Resource

    [,5.5.4)
    • M
    Arbitrary File Write via Archive Extraction (Zip Slip)

    [,47.1.0)
    • M
    Open Redirect

    [,7.9.0)
    • M
    Access Restriction Bypass

    [,6.05)
    • M
    Information Exposure

    [,5.11.0)
    • M
    Improper Validation

    [,5.7.3)
    • M
    Information Exposure

    [,5.11.0)
    • M
    Improper Authorization

    [,5.9.0)
    • M
    Privilege Escalation

    [,5.16.4)
    • M
    Arbitrary File Access

    [7.2.0,7.4.0)[0,7.1.3)
    • C
    Deserialization of Untrusted Data

    [4.0.0,4.7.0)[3.0.0,3.49.0)[,2.65.3)
    • M
    Cross-site Scripting (XSS)

    [,2.15.0)

    Package versions

    1622 VERSIONS IN TOTAL See all versions
    versionpublisheddirect vulnerabilities
    114.1.013 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 0
      L
    114.0.05 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 0
      L
    113.1.24 Jul, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 0
      L
    113.1.123 Jun, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 0
      L
    113.1.021 Jun, 2025
    • 0
      C
    • 0
      H
    • 1
      M
    • 0
      L
    113.0.214 Jun, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 0
      L
    113.0.131 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 0
      L
    113.0.031 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 0
      L
    112.0.01 May, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 0
      L
    111.0.14 Apr, 2025
    • 0
      C
    • 0
      H
    • 2
      M
    • 0
      L