com.liferay.portal:release.portal.bom vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2023-33937Mediumcom.liferay.portal:release.portal.bom: Cross-site scripting in Liferay PortalCVE-2022-42122Criticalcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to SQL Injection via Friendly URL ModuleCVE-2022-42132Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Includes LDAP Credentials in the Page URLCVE-2022-42124Highcom.liferay.portal:release.portal.bom: Inefficient Regular Expression Complexity in Liferay Portal CVE-2022-42126Mediumcom.liferay.portal:release.portal.bom: Missing permissions check in Liferay PortalCVE-2022-42128Mediumcom.liferay.portal:release.portal.bom: Incorrect Default Permissions in Liferay PortalCVE-2022-42125Highcom.liferay.portal:release.portal.bom: Path Traversal in Liferay PortalCVE-2022-42123Highcom.liferay.portal:release.portal.bom: Path Traversal in Liferay PortalCVE-2022-42127Mediumcom.liferay.portal:release.portal.bom: Incorrect Default Permissions in Liferay PortalCVE-2022-42130Mediumcom.liferay.portal:release.portal.bom: Incorrect Default Permissions in Liferay PortalCVE-2022-42131Mediumcom.liferay.portal:release.portal.bom: Improper Certificate Validation in Liferay PortalCVE-2022-42129Mediumcom.liferay.portal:release.portal.bom: Authorization Bypass in Liferay PortalCVE-2022-41414Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Insecure Default Configuration in auth.login.prompt.enabledCVE-2022-39975Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Missing Authorization vulnerabilityCVE-2022-28977Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP HtmlUtil.escapeRedirect Can Be CircumventedCVE-2021-33330Mediumcom.liferay.portal:release.portal.bom: Exposure of Resource to Wrong Sphere in Liferay PortalCVE-2021-33335Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Has Company Administrator Accounts Vulnerable to TakeoversCVE-2021-33336Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Journal Module and Liferay DXP Vulnerable to Cross-Site Scripting (XSS)CVE-2021-33339Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Fragment Module and Liferay DXP Vulnerable to Cross-Site ScriptingCVE-2021-33338Highcom.liferay.portal:release.portal.bom: Liferay Portal Layout Module and Liferay DXP Exposes the Cross-Site Request Forgery (CSRF) Token in URLsCVE-2021-35463Mediumcom.liferay.portal:release.portal.bom: Liferay Portal cross-site scripting (XSS) vulnerability in the Frontend Taglib moduleCVE-2021-33325Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Stores User Passwords in CleartextCVE-2021-33328Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Edit Vocabulary PageCVE-2021-33321Highcom.liferay.portal:com.liferay.portal.impl: Liferay Portal and Liferay DXP insecure default configurationCVE-2021-33324Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Don't Check Permissions of Pages

Stop the waste.
Protect your environment with Kodem.