com.liferay.portal:release.portal.bom vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-33331Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLsCVE-2021-33332Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS)CVE-2021-33334Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Fails to Properly Check User PermissionsCVE-2021-33333Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Fails to Check User Permissions for Workflow SubmissionsCVE-2021-29053Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Multiple SQL InjectionsCVE-2021-29043Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP May Reveal S3 Store's Proxy PasswordCVE-2021-29044Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Membership Request Admin PageCVE-2021-29046Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Asset Module ParameterCVE-2021-29048Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in the Layout Admin PageCVE-2021-29045Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via the Redirect's Admin PageCVE-2021-29052Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Fails to Check PermissionsCVE-2021-29051Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Asset Publisher AppCVE-2021-29039Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via Categories Admin PageCVE-2021-29047Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Fails to Invalidate CAPTCHA Answers After UseCVE-2021-29040Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Reveals Data via Overly Verbose Error MessagesCVE-2020-25476Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via User Name Parameter CVE-2020-15840Mediumcom.liferay.portal:com.liferay.portal.impl: Liferay Portal and Liferay DXP Bypass via Double Encoded URLCVE-2020-15842Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP have Insecure Deserialization VulnerabilityCVE-2020-15841Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Potentially Reveal LDAP Server Password via Unsafe ConnectionCVE-2020-13445Highcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Vulnerable to Arbitrary Code ExecutionCVE-2020-13444Mediumcom.liferay.portal:release.portal.bom: Liferay Portal and Liferay DXP Fails to Sanitize API DataCVE-2020-7934Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Vulnerable to Persistent Cross-Site Scripting (XSS) in MyAccountPortletCVE-2019-16891Criticalcom.liferay.portal:release.portal.bom: Liferay Portal Allows RCE via Deserialization of a JSON PayloadCVE-2019-6588Mediumcom.liferay.portal:release.portal.bom: Liferay Portal Allows Cross-Site Scripting (XSS) via the SimpleCaptcha APICVE-2017-12648Mediumcom.liferay.portal:release.portal.bom: Liferay Portal XSS Vulnerability

Stop the waste.
Protect your environment with Kodem.