com.liferay.portal:release.portal.bom vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2022-45320Mediumcom.liferay.portal:release.portal.bom: Privilege escalation in Liferay PortalCVE-2023-5190Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Open Redirect in Countries Management's Edit Region PageCVE-2024-25148Highcom.liferay.portal:release.portal.bom: Liferay Portal vulnerable to user impersonationCVE-2024-25146Mediumcom.liferay.portal:release.portal.bom: Liferay Portal allows attackers to discover the existence of sitesCVE-2024-25144Mediumcom.liferay.portal:release.portal.bom: Liferay Portal denial-of-service vulnerabilityCVE-2023-47798Mediumcom.liferay.portal:release.portal.bom: Liferay Portal's account lockout does not invalidate existing user sessionsCVE-2024-25143Highcom.liferay.portal:release.portal.bom: Liferay Portal denial of service (memory consumption)CVE-2024-25145Criticalcom.liferay.portal:release.portal.bom: Liferay Portal stored cross-site scripting (XSS) vulnerabilityCVE-2023-47797Criticalcom.liferay.portal:release.portal.bom: Liferay Portal XSS with `p_l_back_url_title` on edit content pageCVE-2023-35029Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Open Redirect via the Layout ModuleCVE-2023-35030Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout ModuleCVE-2023-3193Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to XSS via the Layout ModuleCVE-2023-33949Mediumcom.liferay.portal:release.portal.bom: Insecure Default Initialization In Liferay PortalCVE-2023-33950Mediumcom.liferay.portal:release.portal.bom: Liferay Portal has Inefficient Regular ExpressionCVE-2023-33944Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33948Highcom.liferay.portal:release.portal.bom: Missing authorization in Liferay portalCVE-2023-33946Mediumcom.liferay.portal:release.portal.bom: Liferay portal unauthorized access to objects via OAuth 2 scopeCVE-2023-33947Mediumcom.liferay.portal:release.portal.bom: Liferay portal has unauthorized access to object definition via search CVE-2023-33945Highcom.liferay.portal:release.portal.bom: SQL injection in Liferay PortalCVE-2023-33940Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33939Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33942Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33938Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33943Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2023-33941Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay Portal

Stop the waste.
Protect your environment with Kodem.