com.liferay.portal:portal-impl@6.2.0-RC3 vulnerabilities
-
latest version
6.2.5
-
first published
14 years ago
-
latest version published
8 years ago
-
licenses detected
- [6.0.2,7.0.0-nightly)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the com.liferay.portal:portal-impl package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
com.liferay.portal:portal-impl is a Portal Impl Affected versions of this package are vulnerable to Arbitrary File Upload which allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. How to fix Arbitrary File Upload? A fix was pushed into the |
[0,)
|
com.liferay.portal:portal-impl is a Portal Impl Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Deserialization of Untrusted Data in Liferay Portal allows remote attackers to execute arbitrary code via JSON web services (JSONWS). How to fix Deserialization of Untrusted Data? There is no fixed version for |
[0,)
|