Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.liferay/com.liferay.portal.cluster.multiple@5.0.19
Typemaven
Namespacecom.liferay
Namecom.liferay.portal.cluster.multiple
Version5.0.19
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.0.35
Latest_non_vulnerable_version5.0.35
Affected_by_vulnerabilities
0
url VCID-vdbj-yyu1-tkbu
vulnerability_id VCID-vdbj-yyu1-tkbu
summary Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions that will treat it as trusted data via unauthenticated cluster messages.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62250
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06871
published_at 2026-06-12T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.0686
published_at 2026-06-13T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06848
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62250
1
reference_url https://github.com/liferay/liferay-portal
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal
2
reference_url https://liferay.atlassian.net/browse/LPE-17901
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://liferay.atlassian.net/browse/LPE-17901
3
reference_url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-62250
reference_id CVE-2025-62250
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-21T16:04:45Z/
url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-62250
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62250
reference_id CVE-2025-62250
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-62250
5
reference_url https://github.com/advisories/GHSA-6pgj-w687-9c8c
reference_id GHSA-6pgj-w687-9c8c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6pgj-w687-9c8c
fixed_packages
0
url pkg:maven/com.liferay/com.liferay.portal.cluster.multiple@5.0.35
purl pkg:maven/com.liferay/com.liferay.portal.cluster.multiple@5.0.35
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.portal.cluster.multiple@5.0.35
aliases CVE-2025-62250, GHSA-6pgj-w687-9c8c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdbj-yyu1-tkbu
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.portal.cluster.multiple@5.0.19