Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.liferay.portal/release.portal.bom@7.4.3.45-ga45
Typemaven
Namespacecom.liferay.portal
Namerelease.portal.bom
Version7.4.3.45-ga45
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version7.4.3.49
Latest_non_vulnerable_version7.4.3.120
Affected_by_vulnerabilities
0
url VCID-mbd8-z3ry-cqap
vulnerability_id VCID-mbd8-z3ry-cqap
summary 
Liferay Portal and Liferay DXP Vulnerable to Open Redirect in Countries Management's Edit Region Page
Open redirect vulnerability in the Countries Management’s edit region page in Liferay Portal 7.4.3.45 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 45 through 92 allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_address_web_internal_portlet_CountriesManagementAdminPortlet_redirect parameter.
references
0
reference_url https://github.com/liferay/liferay-portal
reference_id
reference_type
scores
url https://github.com/liferay/liferay-portal
1
reference_url https://github.com/liferay/liferay-portal/commit/26277c22498eb03bb192bbe9e5d2ee34d213780b
reference_id
reference_type
scores
url https://github.com/liferay/liferay-portal/commit/26277c22498eb03bb192bbe9e5d2ee34d213780b
2
reference_url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-5190
reference_id CVE-2023-5190
reference_type
scores
url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-5190
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5190
reference_id CVE-2023-5190
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-5190
4
reference_url https://github.com/advisories/GHSA-f3rf-cr7f-cwc4
reference_id GHSA-f3rf-cr7f-cwc4
reference_type
scores
url https://github.com/advisories/GHSA-f3rf-cr7f-cwc4
fixed_packages
0
url pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.102-ga102
purl pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.102-ga102
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.102-ga102
aliases CVE-2023-5190, GHSA-f3rf-cr7f-cwc4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbd8-z3ry-cqap
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.45-ga45