Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/45410?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45410?format=api", "vulnerability_id": "VCID-9epf-zkmr-67a6", "summary": "Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout Module\nCross-site request forgery (CSRF) vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to execute arbitrary code in the scripting console via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter.", "aliases": [ { "alias": "CVE-2023-35030" }, { "alias": "GHSA-p2fc-xxr8-fw3p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/656655?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u77", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u77" }, { "url": "http://public2.vulnerablecode.io/api/packages/656573?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.78", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-rs2y-3c75-uycm" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-su57-hncy-5qg4" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-xv4h-g41b-c7c7" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.78" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65575?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u70", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u70" }, { "url": "http://public2.vulnerablecode.io/api/packages/656651?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u71", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u71" }, { "url": "http://public2.vulnerablecode.io/api/packages/656652?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u72" }, { "url": "http://public2.vulnerablecode.io/api/packages/65580?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u73", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u73" }, { "url": "http://public2.vulnerablecode.io/api/packages/656653?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u74" }, { "url": "http://public2.vulnerablecode.io/api/packages/656654?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u75", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u75" }, { "url": "http://public2.vulnerablecode.io/api/packages/65576?format=api", "purl": "pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u76", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-42k1-vb9z-3qe7" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-9hvg-h2ra-nbcc" }, { "vulnerability": "VCID-c3ym-wtv5-hfhr" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ezpm-x3vx-zfe6" }, { "vulnerability": "VCID-tqvb-a46r-jbf8" }, { "vulnerability": "VCID-xe2v-j69t-d3h3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.13.u76" }, { "url": "http://public2.vulnerablecode.io/api/packages/65570?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.70-ga70", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-t18w-rg4b-fqea" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.70-ga70" }, { "url": "http://public2.vulnerablecode.io/api/packages/653425?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.71", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.71" }, { "url": "http://public2.vulnerablecode.io/api/packages/653426?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.72" }, { "url": "http://public2.vulnerablecode.io/api/packages/653427?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.73", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.73" }, { "url": "http://public2.vulnerablecode.io/api/packages/653428?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-t18w-rg4b-fqea" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.74" }, { "url": "http://public2.vulnerablecode.io/api/packages/83031?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.75", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-rs2y-3c75-uycm" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-su57-hncy-5qg4" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.75" }, { "url": "http://public2.vulnerablecode.io/api/packages/69069?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.76", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-rs2y-3c75-uycm" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-su57-hncy-5qg4" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-uun9-ctyg-k3d9" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-xv4h-g41b-c7c7" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.76" }, { "url": "http://public2.vulnerablecode.io/api/packages/65219?format=api", "purl": "pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.77", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11qf-d5xp-4fey" }, { "vulnerability": "VCID-1jgz-k7zp-uydp" }, { "vulnerability": "VCID-1me4-suy5-ayhq" }, { "vulnerability": "VCID-27a1-teqk-cbe2" }, { "vulnerability": "VCID-292m-hgvs-93ey" }, { "vulnerability": "VCID-2bcr-bxek-skfq" }, { "vulnerability": "VCID-2dra-x6f5-xybz" }, { "vulnerability": "VCID-2mtb-mdha-qufv" }, { "vulnerability": "VCID-3hm3-htje-akgd" }, { "vulnerability": "VCID-434b-p73k-5fam" }, { "vulnerability": "VCID-4kym-jhtn-cfa3" }, { "vulnerability": "VCID-4xqq-69ab-1qew" }, { "vulnerability": "VCID-5732-ffyz-9fh5" }, { "vulnerability": "VCID-5bex-xcub-3qhr" }, { "vulnerability": "VCID-5nq8-gsav-5ffq" }, { "vulnerability": "VCID-68yp-31d3-zbay" }, { "vulnerability": "VCID-6yrk-8tj5-juhp" }, { "vulnerability": "VCID-8xx2-vtnr-dubu" }, { "vulnerability": "VCID-9epf-zkmr-67a6" }, { "vulnerability": "VCID-b24q-c9nx-hkdy" }, { "vulnerability": "VCID-brjh-tyur-ebc8" }, { "vulnerability": "VCID-by7b-2zr9-y3dj" }, { "vulnerability": "VCID-ca62-h2qv-v7bg" }, { "vulnerability": "VCID-ce9p-rwsz-zkf6" }, { "vulnerability": "VCID-d56y-s4zt-uyd7" }, { "vulnerability": "VCID-e5h2-wvws-3yhq" }, { "vulnerability": "VCID-ebzh-bpks-5qe2" }, { "vulnerability": "VCID-ej5y-geq1-pkfn" }, { "vulnerability": "VCID-evap-nt9g-akf6" }, { "vulnerability": "VCID-g41m-xvk2-xfda" }, { "vulnerability": "VCID-ggmh-6ef8-7ufj" }, { "vulnerability": "VCID-gyge-7d5c-6uhz" }, { "vulnerability": "VCID-hvpx-y297-sbha" }, { "vulnerability": "VCID-j3pc-gwg6-qfbs" }, { "vulnerability": "VCID-ksvn-b6hv-hfa7" }, { "vulnerability": "VCID-mbd8-z3ry-cqap" }, { "vulnerability": "VCID-mf9a-eusx-f3gb" }, { "vulnerability": "VCID-nhp5-61h7-ryf4" }, { "vulnerability": "VCID-pf71-p73a-xyda" }, { "vulnerability": "VCID-qy5u-7m7g-4ben" }, { "vulnerability": "VCID-r363-kggk-k3ds" }, { "vulnerability": "VCID-rns1-e6pd-tkex" }, { "vulnerability": "VCID-rs2y-3c75-uycm" }, { "vulnerability": "VCID-s86p-ew9a-rkgt" }, { "vulnerability": "VCID-su57-hncy-5qg4" }, { "vulnerability": "VCID-sw28-urg9-tqgd" }, { "vulnerability": "VCID-tf5n-etq9-2bg1" }, { "vulnerability": "VCID-turp-jxv8-1fgy" }, { "vulnerability": "VCID-w7z4-h1ug-z3cq" }, { "vulnerability": "VCID-wpqk-8fd9-p3ex" }, { "vulnerability": "VCID-xn1n-5rgc-83bg" }, { "vulnerability": "VCID-xv4h-g41b-c7c7" }, { "vulnerability": "VCID-y1wd-arvg-2ugt" }, { "vulnerability": "VCID-ynk1-3fye-bfcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.portal.bom@7.4.3.77" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01433", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01433", "scoring_system": "epss", "scoring_elements": "0.81044", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01433", "scoring_system": "epss", "scoring_elements": "0.81048", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35030" }, { "reference_url": "https://github.com/liferay/liferay-portal", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/liferay/liferay-portal" }, { "reference_url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030", "reference_id": "CVE-2023-35030", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:48:29Z/" } ], "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-35030" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35030", "reference_id": "CVE-2023-35030", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35030" }, { "reference_url": "https://github.com/advisories/GHSA-p2fc-xxr8-fw3p", "reference_id": "GHSA-p2fc-xxr8-fw3p", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p2fc-xxr8-fw3p" } ], "weaknesses": [ { "cwe_id": 352, "name": "Cross-Site Request Forgery (CSRF)", "description": "The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9epf-zkmr-67a6" }