VulnerableCode Package Details - pkg:maven/com.liferay.portal/com.liferay.portal.impl@7.7.9

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.liferay.portal/com.liferay.portal.impl@7.7.9

purl	pkg:maven/com.liferay.portal/com.liferay.portal.impl@7.7.9

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-duvg-hkyn-uqcs	Liferay Portal and Liferay DXP fails to check permissions to view sites/groups Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI.	CVE-2022-26595 GHSA-822f-jfpg-hg7h

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T00:55:51.548916+00:00	GHSA Importer	Fixing	VCID-duvg-hkyn-uqcs	https://github.com/advisories/GHSA-822f-jfpg-hg7h	38.6.0
2026-05-30T20:57:40.084380+00:00	GitLab Importer	Fixing	VCID-duvg-hkyn-uqcs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.liferay.portal/com.liferay.portal.impl/CVE-2022-26595.yml	38.6.0