| 0 |
| url |
VCID-1gd6-wm47-ufad |
| vulnerability_id |
VCID-1gd6-wm47-ufad |
| summary |
Liferay Portal and Liferay DXP vulnerable to email spam via lack of flagging rate |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33320 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00392 |
| scoring_system |
epss |
| scoring_elements |
0.60717 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00392 |
| scoring_system |
epss |
| scoring_elements |
0.60612 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00392 |
| scoring_system |
epss |
| scoring_elements |
0.60719 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00392 |
| scoring_system |
epss |
| scoring_elements |
0.60728 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33320 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 7 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 8 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 9 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 10 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 11 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 12 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 13 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 14 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 15 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 16 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 17 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 18 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 19 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 20 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 21 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 22 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 23 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 24 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 25 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 26 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 27 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 28 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 29 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 30 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 31 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 32 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 33 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 34 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 35 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 36 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 37 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 38 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 39 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 40 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 41 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 42 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 43 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 44 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 45 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 46 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 47 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 48 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 49 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 50 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 51 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 52 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 53 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 54 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 55 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 56 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 57 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 58 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 59 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 60 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 61 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 62 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
|
|
| aliases |
CVE-2021-33320, GHSA-wg4x-hf94-fj5v
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1gd6-wm47-ufad |
|
| 1 |
| url |
VCID-1k1u-jptu-n3d7 |
| vulnerability_id |
VCID-1k1u-jptu-n3d7 |
| summary |
Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Document Library module |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33337 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49673 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49536 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49679 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00258 |
| scoring_system |
epss |
| scoring_elements |
0.49692 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33337 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 6 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 7 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 12 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 13 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 14 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 15 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 16 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 20 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 23 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 24 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 25 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 26 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 27 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 28 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 29 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 30 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 31 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 37 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 38 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 39 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 40 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 41 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 42 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 43 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
|
|
| aliases |
CVE-2021-33337, GHSA-v88g-7fx4-9q7f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1k1u-jptu-n3d7 |
|
| 2 |
| url |
VCID-48hp-m4m8-cqge |
| vulnerability_id |
VCID-48hp-m4m8-cqge |
| summary |
In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4 before update 26, 7.3 before update 5, 7.2 before fix pack 19, and older unsupported versions the default value of the portal property `http.header.version.verbosity` is set to `full`, which allows remote attackers to easily identify the version of the application that is running and the vulnerabilities that affect that version via 'Liferay-Portal` response header. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-26267, GHSA-2mvj-q2q3-wxjv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-48hp-m4m8-cqge |
|
| 3 |
| url |
VCID-4qnf-vd8e-9yfr |
| vulnerability_id |
VCID-4qnf-vd8e-9yfr |
| summary |
Liferay Portal and Liferay DXP Stores User Passwords in Cleartext |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33325 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00123 |
| scoring_system |
epss |
| scoring_elements |
0.3118 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00123 |
| scoring_system |
epss |
| scoring_elements |
0.30985 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00123 |
| scoring_system |
epss |
| scoring_elements |
0.31178 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00123 |
| scoring_system |
epss |
| scoring_elements |
0.31195 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33325 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2021-33325, GHSA-6c88-gvxw-f5hg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4qnf-vd8e-9yfr |
|
| 4 |
|
| 5 |
| url |
VCID-6ejn-7nds-1qb6 |
| vulnerability_id |
VCID-6ejn-7nds-1qb6 |
| summary |
Liferay Portal and Liferay DXP Fails to Check User Permissions for Workflow Submissions |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33333 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52337 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52208 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.5233 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00285 |
| scoring_system |
epss |
| scoring_elements |
0.52348 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33333 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 18 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 19 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 20 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 21 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 23 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 24 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 25 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 26 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 28 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 31 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 32 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 40 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 41 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 42 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 43 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 44 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 45 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 46 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 47 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 48 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 49 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 50 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 51 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 52 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 53 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 54 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 55 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 56 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 57 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
|
|
| aliases |
CVE-2021-33333, GHSA-g7xc-m762-wg8f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6ejn-7nds-1qb6 |
|
| 6 |
| url |
VCID-6gyp-c7wt-qfb5 |
| vulnerability_id |
VCID-6gyp-c7wt-qfb5 |
| summary |
Unrestricted Upload of File with Dangerous Type in Liferay Portal and Liferay DXP |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15839 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01076 |
| scoring_system |
epss |
| scoring_elements |
0.78279 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.01076 |
| scoring_system |
epss |
| scoring_elements |
0.78211 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.01076 |
| scoring_system |
epss |
| scoring_elements |
0.78288 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.01076 |
| scoring_system |
epss |
| scoring_elements |
0.78293 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15839 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 10 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 11 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 12 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 13 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 14 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 15 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 16 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 17 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 18 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 24 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 27 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 28 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 29 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 30 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 31 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 32 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 33 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 34 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 35 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 36 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 37 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 41 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 42 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 43 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 44 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 18 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 19 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 20 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 21 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 23 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 24 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 25 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 26 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 28 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 31 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 32 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 40 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 41 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 42 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 43 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 44 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 45 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 46 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 47 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 48 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 49 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 50 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 51 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 52 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 53 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 54 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 55 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 56 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 57 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
|
|
| aliases |
CVE-2020-15839, GHSA-c7f6-4vx5-4263
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6gyp-c7wt-qfb5 |
|
| 7 |
| url |
VCID-76r8-wfvh-pkg4 |
| vulnerability_id |
VCID-76r8-wfvh-pkg4 |
| summary |
Liferay Portal and Liferay DXP Reveals Data via Overly Verbose Error Messages |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29040 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.61375 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.61266 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.61371 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.61379 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29040 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 14 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 20 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 21 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 31 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 32 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 33 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 34 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 35 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 36 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 37 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 38 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
|
|
| aliases |
CVE-2021-29040, GHSA-87x7-pwrx-jch7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-76r8-wfvh-pkg4 |
|
| 8 |
| url |
VCID-91rc-5gz3-dbcf |
| vulnerability_id |
VCID-91rc-5gz3-dbcf |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in the Layout Admin Page |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29048 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6534 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6523 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6533 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65341 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29048 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp11 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 7 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 8 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 9 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 10 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 11 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 18 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 21 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 22 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 23 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 28 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 29 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 32 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 33 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 34 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 35 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 36 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp11 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29048, GHSA-4fx8-82f3-xcpc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-91rc-5gz3-dbcf |
|
| 9 |
| url |
VCID-9bfa-6qqd-d7gb |
| vulnerability_id |
VCID-9bfa-6qqd-d7gb |
| summary |
|
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13444 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00249 |
| scoring_system |
epss |
| scoring_elements |
0.48463 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00249 |
| scoring_system |
epss |
| scoring_elements |
0.48601 |
| published_at |
2026-06-12T12:55:00Z |
|
| 2 |
| value |
0.00249 |
| scoring_system |
epss |
| scoring_elements |
0.4862 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00249 |
| scoring_system |
epss |
| scoring_elements |
0.48606 |
| published_at |
2026-06-14T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13444 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2020-13444, GHSA-8j5r-9687-88w5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9bfa-6qqd-d7gb |
|
| 10 |
| url |
VCID-9u32-4n1x-77ce |
| vulnerability_id |
VCID-9u32-4n1x-77ce |
| summary |
HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' (U+FFFD), which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, (3) `noSuchEntryRedirect` parameter, and (4) others parameters that rely on HtmlUtil.escapeRedirect. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25608 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.1765 |
| scoring_system |
epss |
| scoring_elements |
0.95251 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.1765 |
| scoring_system |
epss |
| scoring_elements |
0.95273 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.1765 |
| scoring_system |
epss |
| scoring_elements |
0.95266 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.1765 |
| scoring_system |
epss |
| scoring_elements |
0.95271 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25608 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-25608, GHSA-548x-j6x6-hcv4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9u32-4n1x-77ce |
|
| 11 |
| url |
VCID-9xdb-721c-hqgf |
| vulnerability_id |
VCID-9xdb-721c-hqgf |
| summary |
Liferay Portal and Liferay DXP allows arbitrary injection via web content template names |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-26596 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.46099 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.45962 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.46107 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.0023 |
| scoring_system |
epss |
| scoring_elements |
0.46113 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-26596 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 11 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 12 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 13 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 14 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 15 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 16 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 17 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 18 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 19 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 20 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 21 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 22 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 23 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 24 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 25 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 26 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 27 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 28 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 29 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 30 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 31 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 32 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 33 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 34 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 35 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 36 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 37 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 38 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 39 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 40 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 41 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 42 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 43 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 44 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
|
|
| aliases |
CVE-2022-26596, GHSA-w7f2-6896-6mm2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9xdb-721c-hqgf |
|
| 12 |
| url |
VCID-a62g-s5j4-73fr |
| vulnerability_id |
VCID-a62g-s5j4-73fr |
| summary |
User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 before update 8, 7.2 before fix pack 20, and older unsupported versions allows remote attackers to determine if an account exist in the application by comparing the request's response time. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-26268 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00304 |
| scoring_system |
epss |
| scoring_elements |
0.54091 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00304 |
| scoring_system |
epss |
| scoring_elements |
0.54221 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00304 |
| scoring_system |
epss |
| scoring_elements |
0.54216 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00304 |
| scoring_system |
epss |
| scoring_elements |
0.54233 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-26268 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-26268, GHSA-qm43-g2xj-hvg5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a62g-s5j4-73fr |
|
| 13 |
| url |
VCID-b12f-kdez-2qau |
| vulnerability_id |
VCID-b12f-kdez-2qau |
| summary |
Liferay Portal and Liferay DXP Fails to Properly Check User Permissions |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33334 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.24094 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23897 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.24081 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.24102 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33334 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 18 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 19 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 20 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 21 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 23 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 24 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 25 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 26 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 28 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 31 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 32 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 40 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 41 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 42 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 43 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 44 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 45 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 46 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 47 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 48 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 49 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 50 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 51 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 52 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 53 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 54 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 55 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 56 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 57 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
|
|
| aliases |
CVE-2021-33334, GHSA-g37f-j8hh-736f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b12f-kdez-2qau |
|
| 14 |
| url |
VCID-bmbd-g58w-z3gy |
| vulnerability_id |
VCID-bmbd-g58w-z3gy |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Asset Publisher App |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29051 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00317 |
| scoring_system |
epss |
| scoring_elements |
0.55329 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00317 |
| scoring_system |
epss |
| scoring_elements |
0.55205 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00317 |
| scoring_system |
epss |
| scoring_elements |
0.55327 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00317 |
| scoring_system |
epss |
| scoring_elements |
0.55343 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29051 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 13 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 14 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 15 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 16 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 17 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 18 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 19 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 20 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 21 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 22 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 23 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 24 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 25 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 26 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 14 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 20 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 21 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 31 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 32 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 33 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 34 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 35 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 36 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 37 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 38 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29051, GHSA-jvvx-8g42-9559
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bmbd-g58w-z3gy |
|
| 15 |
| url |
VCID-bvbr-288p-xkak |
| vulnerability_id |
VCID-bvbr-288p-xkak |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web scripts or HTML via parameters with the filter_ prefix. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-28980 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48421 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48281 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48418 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00247 |
| scoring_system |
epss |
| scoring_elements |
0.48436 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-28980 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
http://liferay.com |
| reference_id |
liferay.com |
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:48:12Z/ |
|
|
| url |
http://liferay.com |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.4.10.ep1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.4.10.ep1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-4jau-1np8-6fd5 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 5 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 6 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 7 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 8 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 9 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 10 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 11 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 12 |
| vulnerability |
VCID-mmy3-eycu-q7bu |
|
| 13 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 14 |
| vulnerability |
VCID-qfdp-4b77-uqda |
|
| 15 |
| vulnerability |
VCID-uxjd-h6fd-sbgf |
|
| 16 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 17 |
| vulnerability |
VCID-wfhk-xspf-7yev |
|
| 18 |
| vulnerability |
VCID-xfq5-m4vf-cyaj |
|
| 19 |
| vulnerability |
VCID-zc53-8p5g-2kcv |
|
| 20 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.4.10.ep1 |
|
|
| aliases |
CVE-2022-28980, GHSA-8mp9-w7gr-pvj3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bvbr-288p-xkak |
|
| 16 |
| url |
VCID-cdmw-ujbw-yqbj |
| vulnerability_id |
VCID-cdmw-ujbw-yqbj |
| summary |
Liferay Portal and Liferay DXP fails to invalidate password reset tokens after use |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 10 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 11 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 12 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 13 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 14 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 15 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 16 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 17 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 18 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 24 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 27 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 28 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 29 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 30 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 31 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 32 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 33 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 34 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 35 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 36 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 37 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 41 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 42 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 43 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 44 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 7 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 8 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 9 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 10 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 11 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 12 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 13 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 14 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 15 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 16 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 17 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 18 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 19 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 20 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 21 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 22 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 23 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 24 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 25 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 26 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 27 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 28 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 29 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 30 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 31 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 32 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 33 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 34 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 35 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 36 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 37 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 38 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 39 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 40 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 41 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 42 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 43 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 44 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 45 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 46 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 47 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 48 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 49 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 50 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 51 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 52 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 53 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 54 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 55 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 56 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 57 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 58 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 59 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 60 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 61 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 62 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
|
|
| aliases |
CVE-2021-33322, GHSA-vwj8-4grf-3r8v
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cdmw-ujbw-yqbj |
|
| 17 |
| url |
VCID-ckbc-n5n3-dka6 |
| vulnerability_id |
VCID-ckbc-n5n3-dka6 |
| summary |
Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older unsupported versions does not obfuscate password reminder answers on the page, which allows attackers to use man-in-the-middle or shoulder surfing attacks to steal user's password reminder answers. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29038 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00094 |
| scoring_system |
epss |
| scoring_elements |
0.26285 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00094 |
| scoring_system |
epss |
| scoring_elements |
0.26486 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00094 |
| scoring_system |
epss |
| scoring_elements |
0.265 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00094 |
| scoring_system |
epss |
| scoring_elements |
0.26487 |
| published_at |
2026-06-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29038 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29038, GHSA-mwhf-6mjm-6w3h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ckbc-n5n3-dka6 |
|
| 18 |
| url |
VCID-cn4z-f8ej-ruha |
| vulnerability_id |
VCID-cn4z-f8ej-ruha |
| summary |
Liferay Portal and Liferay DXP Fails to Invalidate CAPTCHA Answers After Use |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29047 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52783 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52658 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52786 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00288 |
| scoring_system |
epss |
| scoring_elements |
0.52801 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29047 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29047, GHSA-9mxg-p873-6793
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cn4z-f8ej-ruha |
|
| 19 |
| url |
VCID-dy73-grbk-tyb6 |
| vulnerability_id |
VCID-dy73-grbk-tyb6 |
| summary |
|
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13445 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0371 |
| scoring_system |
epss |
| scoring_elements |
0.88233 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.0371 |
| scoring_system |
epss |
| scoring_elements |
0.88273 |
| published_at |
2026-06-12T12:55:00Z |
|
| 2 |
| value |
0.0371 |
| scoring_system |
epss |
| scoring_elements |
0.88279 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.0371 |
| scoring_system |
epss |
| scoring_elements |
0.88278 |
| published_at |
2026-06-14T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13445 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 10 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 11 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 12 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 13 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 14 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 15 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 16 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 17 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 18 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 24 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 27 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 28 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 29 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 30 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 31 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 32 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 33 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 34 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 35 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 36 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 37 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 41 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 42 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 43 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 44 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 18 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 19 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 20 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 21 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 23 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 24 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 25 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 26 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 28 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 31 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 32 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 40 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 41 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 42 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 43 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 44 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 45 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 46 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 47 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 48 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 49 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 50 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 51 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 52 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 53 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 54 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 55 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 56 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 57 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
|
|
| aliases |
CVE-2020-13445, GHSA-v377-8f8f-532h
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dy73-grbk-tyb6 |
|
| 20 |
| url |
VCID-fer2-q3rr-2khd |
| vulnerability_id |
VCID-fer2-q3rr-2khd |
| summary |
Liferay Portal and Liferay DXP Don't Check Permissions of Pages |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33324 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.30917 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.30719 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.30919 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.30934 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33324 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 7 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 8 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 9 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 10 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 11 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 12 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 13 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 14 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 15 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 16 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 17 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 18 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 19 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 20 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 21 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 22 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 23 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 24 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 25 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 26 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 27 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 28 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 29 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 30 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 31 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 32 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 33 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 34 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 35 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 36 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 37 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 38 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 39 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 40 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 41 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 42 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 43 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 44 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 45 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 46 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 47 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 48 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 49 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 50 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 51 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 52 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 53 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 54 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 55 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 56 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 57 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 58 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 59 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 60 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 61 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 62 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
|
|
| aliases |
CVE-2021-33324, GHSA-474f-cmx5-gm69
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fer2-q3rr-2khd |
|
| 21 |
| url |
VCID-fx8b-2pzj-uyg6 |
| vulnerability_id |
VCID-fx8b-2pzj-uyg6 |
| summary |
Liferay Portal Journal Module and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33336 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37808 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.3763 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37821 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37833 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33336 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 10 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 11 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 12 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 13 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 14 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 15 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 16 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 17 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 18 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 24 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 27 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 28 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 29 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 30 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 31 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 32 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 33 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 34 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 35 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 36 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 37 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 41 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 42 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 43 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 44 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp18 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2021-33336, GHSA-fvg6-9r88-7w85
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| url |
VCID-g52h-8r1h-dfhe |
| vulnerability_id |
VCID-g52h-8r1h-dfhe |
| summary |
Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML into the Search Result app's search result if highlighting is disabled by adding any searchable content (e.g., blog, message board message, web content article) to the application. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25145 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35693 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35883 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35874 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35896 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25145 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-25145, GHSA-9vgq-w5pv-v77q
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g52h-8r1h-dfhe |
|
| 23 |
| url |
VCID-g6wt-vwuh-cua8 |
| vulnerability_id |
VCID-g6wt-vwuh-cua8 |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via Membership Request Admin Page |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29044 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6534 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6523 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.6533 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65341 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29044 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 13 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 14 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 15 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 16 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 17 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 18 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 19 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 20 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 21 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 22 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 23 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 24 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 25 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 26 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 14 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 20 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 21 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 31 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 32 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 33 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 34 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 35 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 36 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 37 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 38 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29044, GHSA-wcr5-3q96-c2gr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g6wt-vwuh-cua8 |
|
| 24 |
| url |
VCID-gkpd-2p17-7fcq |
| vulnerability_id |
VCID-gkpd-2p17-7fcq |
| summary |
A SQL injection vulnerability in the Layout module in Liferay Portal 7.1.3 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before service pack 3, and 7.4 GA allows remote authenticated attackers to execute arbitrary SQL commands via a crafted payload injected into a page template's 'Name' field. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42121 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.70196 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.70093 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.70184 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00605 |
| scoring_system |
epss |
| scoring_elements |
0.70198 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42121 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
| reference_url |
http://liferay.com |
| reference_id |
liferay.com |
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T15:01:37Z/ |
|
|
| url |
http://liferay.com |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-42121, GHSA-gxxj-fhmr-37j9
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gkpd-2p17-7fcq |
|
| 25 |
| url |
VCID-gngs-dm98-eqc2 |
| vulnerability_id |
VCID-gngs-dm98-eqc2 |
| summary |
Reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.38, and Liferay DXP 7.4 GA through update 38 allows remote attackers to execute arbitrary web script or HTML via Dispatch name field |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11993 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38976 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.3899 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38804 |
| published_at |
2026-06-11T12:55:00Z |
|
| 3 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38999 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11993 |
|
| 1 |
| reference_url |
https://github.com/liferay/liferay-portal |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/liferay/liferay-portal |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-11993, GHSA-4hxr-28mv-q729
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gngs-dm98-eqc2 |
|
| 26 |
| url |
VCID-hkq7-mdbr-hkb2 |
| vulnerability_id |
VCID-hkq7-mdbr-hkb2 |
| summary |
Liferay Portal and Liferay DXP Bypass via Double Encoded URL |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15840 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41395 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41229 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41404 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00194 |
| scoring_system |
epss |
| scoring_elements |
0.41413 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15840 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2020-15840, GHSA-vrwx-q9pj-x488
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| url |
VCID-hqd6-nkr9-4ffm |
| vulnerability_id |
VCID-hqd6-nkr9-4ffm |
| summary |
Liferay DXP Vulnerable to Cross-Site Scripting (XSS) via the currentURL Parameter |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29049 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51653 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51526 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51656 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51667 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29049 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 13 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 14 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 15 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 16 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 17 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 18 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 19 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 20 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 21 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 22 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 23 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 24 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp12 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 7 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 8 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 9 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 10 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 11 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 18 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 19 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 20 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 21 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 22 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 23 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 24 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 25 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 26 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 30 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 31 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 32 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 33 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 34 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 35 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp12 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29049, GHSA-w28v-87g6-cjr6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hqd6-nkr9-4ffm |
|
| 28 |
| url |
VCID-jrqh-vfu7-dkfh |
| vulnerability_id |
VCID-jrqh-vfu7-dkfh |
| summary |
Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLs |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33331 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.58399 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.58286 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.58403 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.58414 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33331 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 11 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 12 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 13 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 14 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 15 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 16 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 17 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 18 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 19 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 20 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 21 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 22 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 23 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 24 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 25 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 26 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 27 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 28 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 29 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 30 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 31 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 32 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 33 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 34 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 35 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 36 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 37 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 38 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 39 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 40 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 41 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 42 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 43 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 44 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 45 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 46 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 47 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 48 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp8 |
|
|
| aliases |
CVE-2021-33331, GHSA-mj8w-h522-jwm8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jrqh-vfu7-dkfh |
|
| 29 |
| url |
VCID-jxe5-tt8r-cbag |
| vulnerability_id |
VCID-jxe5-tt8r-cbag |
| summary |
Liferay Portal Layout Module and Liferay DXP Exposes the Cross-Site Request Forgery (CSRF) Token in URLs |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33338 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29217 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29013 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29224 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29235 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33338 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 18 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 19 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 20 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 21 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 22 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 23 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 24 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 25 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 26 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 27 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 28 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 31 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 32 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 40 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 41 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 42 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 43 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 44 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 45 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 46 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 47 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 48 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 49 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 50 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 51 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 52 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 53 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 54 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 55 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 56 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 57 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp6 |
|
|
| aliases |
CVE-2021-33338, GHSA-4frg-rpx6-96qh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jxe5-tt8r-cbag |
|
| 30 |
| url |
VCID-k469-ety8-rqby |
| vulnerability_id |
VCID-k469-ety8-rqby |
| summary |
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attackers to view any template via the UI or API. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25605 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40276 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40456 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40444 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40467 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25605 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-25605, GHSA-mf8h-grfg-j9j3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k469-ety8-rqby |
|
| 31 |
| url |
VCID-k644-swhk-k7b1 |
| vulnerability_id |
VCID-k644-swhk-k7b1 |
| summary |
|
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15841 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.5691 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.57031 |
| published_at |
2026-06-12T12:55:00Z |
|
| 2 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.57045 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00337 |
| scoring_system |
epss |
| scoring_elements |
0.57037 |
| published_at |
2026-06-14T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15841 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-cdmw-ujbw-yqbj |
|
| 18 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 19 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 20 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 21 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 22 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 23 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 24 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 25 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 26 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 27 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 28 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 31 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 32 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 40 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 41 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 42 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 43 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 44 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 45 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 46 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 47 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp4 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 3 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 4 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 5 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 6 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 7 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 8 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 9 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 10 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 11 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 12 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 13 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 14 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 15 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 16 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 17 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 18 |
| vulnerability |
VCID-b4t3-pryv-x3a7 |
|
| 19 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 20 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 21 |
| vulnerability |
VCID-cdmw-ujbw-yqbj |
|
| 22 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 23 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 24 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 25 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 26 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 27 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 28 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 29 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 30 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 31 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 32 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 33 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 34 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 35 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 36 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 37 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 38 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 39 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 40 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 41 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 42 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 43 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 44 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 45 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 46 |
| vulnerability |
VCID-qcxr-ayvy-z3h2 |
|
| 47 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 48 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 49 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 50 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 51 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 52 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 53 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 54 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 55 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 56 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 57 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 58 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 59 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 60 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 61 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 62 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 63 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 64 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 65 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp4 |
|
|
| aliases |
CVE-2020-15841, GHSA-773f-f929-qgjj
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k644-swhk-k7b1 |
|
| 32 |
|
| 33 |
| url |
VCID-mqut-n4an-x3cs |
| vulnerability_id |
VCID-mqut-n4an-x3cs |
| summary |
Information disclosure vulnerability in the Control Panel in Liferay Portal 7.2.0 through 7.4.2, and older unsupported versions, and Liferay DXP 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions allows remote authenticated users to obtain a user's full name from the page's title by enumerating user screen names. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25150 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00172 |
| scoring_system |
epss |
| scoring_elements |
0.38669 |
| published_at |
2026-06-13T12:55:00Z |
|
| 1 |
| value |
0.00172 |
| scoring_system |
epss |
| scoring_elements |
0.38659 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00172 |
| scoring_system |
epss |
| scoring_elements |
0.38474 |
| published_at |
2026-06-11T12:55:00Z |
|
| 3 |
| value |
0.00172 |
| scoring_system |
epss |
| scoring_elements |
0.38647 |
| published_at |
2026-06-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25150 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-25150, GHSA-4585-28v2-8h46
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mqut-n4an-x3cs |
|
| 34 |
| url |
VCID-msx1-y2nc-n7gt |
| vulnerability_id |
VCID-msx1-y2nc-n7gt |
| summary |
Liferay Portal and Liferay DXP autosaves form data for other users to see |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33323 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62307 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62205 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62313 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62318 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33323 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2021-33323, GHSA-fxpf-jr2q-vpvv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-msx1-y2nc-n7gt |
|
| 35 |
| url |
VCID-n4t4-bb8c-nub4 |
| vulnerability_id |
VCID-n4t4-bb8c-nub4 |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) in Edit Vocabulary Page |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33328 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35219 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35041 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.3522 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35243 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33328 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 6 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 7 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 12 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 13 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 14 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 15 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 16 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 20 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 23 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 24 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 25 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 26 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 27 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 28 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 29 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 30 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 31 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 37 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 38 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 39 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 40 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 41 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 42 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 43 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
|
|
| aliases |
CVE-2021-33328, GHSA-vpvm-3wfw-5f5c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n4t4-bb8c-nub4 |
|
| 36 |
| url |
VCID-n634-fspx-judk |
| vulnerability_id |
VCID-n634-fspx-judk |
| summary |
Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions does not properly restrict membership of a child site when the "Limit membership to members of the parent site" option is enabled, which allows remote authenticated users to add users who are not a member of the parent site to a child site. The added user may obtain permission to perform unauthorized actions in the child site. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25149 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00259 |
| scoring_system |
epss |
| scoring_elements |
0.49567 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00259 |
| scoring_system |
epss |
| scoring_elements |
0.4971 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00259 |
| scoring_system |
epss |
| scoring_elements |
0.49722 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00259 |
| scoring_system |
epss |
| scoring_elements |
0.49703 |
| published_at |
2026-06-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-25149 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 11 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 12 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 13 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 14 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 19 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 20 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 21 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 22 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 23 |
| vulnerability |
VCID-uxjd-h6fd-sbgf |
|
| 24 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 25 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 26 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 27 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 28 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
|
|
| aliases |
CVE-2024-25149, GHSA-qpgh-6v9w-vfv6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n634-fspx-judk |
|
| 37 |
| url |
VCID-p17t-h88p-zybu |
| vulnerability_id |
VCID-p17t-h88p-zybu |
| summary |
Liferay DXP Vulnerable to Denial-of-service (DoS) in the Multi-Factor Authentication Module |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29041 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00507 |
| scoring_system |
epss |
| scoring_elements |
0.66731 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00507 |
| scoring_system |
epss |
| scoring_elements |
0.66837 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00507 |
| scoring_system |
epss |
| scoring_elements |
0.66838 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00507 |
| scoring_system |
epss |
| scoring_elements |
0.66824 |
| published_at |
2026-06-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29041 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29041, GHSA-82j7-2h3j-hc7f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p17t-h88p-zybu |
|
| 38 |
| url |
VCID-qaj9-m3df-7qbr |
| vulnerability_id |
VCID-qaj9-m3df-7qbr |
| summary |
Liferay Portal and Liferay DXP Fails to Check Permissions |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29052 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27774 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27557 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27759 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27784 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29052 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29052, GHSA-pr7v-qv65-rp9m
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qaj9-m3df-7qbr |
|
| 39 |
| url |
VCID-qcxr-ayvy-z3h2 |
| vulnerability_id |
VCID-qcxr-ayvy-z3h2 |
| summary |
|
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15842 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0057 |
| scoring_system |
epss |
| scoring_elements |
0.69067 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.0057 |
| scoring_system |
epss |
| scoring_elements |
0.69159 |
| published_at |
2026-06-12T12:55:00Z |
|
| 2 |
| value |
0.0057 |
| scoring_system |
epss |
| scoring_elements |
0.69171 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.0057 |
| scoring_system |
epss |
| scoring_elements |
0.69165 |
| published_at |
2026-06-14T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15842 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 6 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 7 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 8 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 9 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 10 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 11 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 12 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 13 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 14 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 15 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 16 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 17 |
| vulnerability |
VCID-cdmw-ujbw-yqbj |
|
| 18 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 19 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 20 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 21 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 22 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 23 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 24 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 25 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 26 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 27 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 28 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 29 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 30 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 31 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 32 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 33 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 34 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 35 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 36 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 37 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 38 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 39 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 40 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 41 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 42 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 43 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 44 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 45 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 46 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 47 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp17 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-4qnf-vd8e-9yfr |
|
| 4 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 5 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 6 |
| vulnerability |
VCID-6ejn-7nds-1qb6 |
|
| 7 |
| vulnerability |
VCID-6gyp-c7wt-qfb5 |
|
| 8 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 9 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 10 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 11 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 12 |
| vulnerability |
VCID-9bfa-6qqd-d7gb |
|
| 13 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 14 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 15 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 16 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 17 |
| vulnerability |
VCID-b12f-kdez-2qau |
|
| 18 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 19 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 20 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 21 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 22 |
| vulnerability |
VCID-dy73-grbk-tyb6 |
|
| 23 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 24 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 25 |
| vulnerability |
VCID-fx8b-2pzj-uyg6 |
|
| 26 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 27 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 28 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 29 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 30 |
| vulnerability |
VCID-hkq7-mdbr-hkb2 |
|
| 31 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 32 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 33 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 34 |
| vulnerability |
VCID-jxe5-tt8r-cbag |
|
| 35 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 36 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 37 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 38 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 39 |
| vulnerability |
VCID-msx1-y2nc-n7gt |
|
| 40 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 41 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 42 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 43 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 44 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 45 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 46 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 47 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 48 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 49 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 50 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 51 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 52 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 53 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 54 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 55 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 56 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 57 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 58 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 59 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 60 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 61 |
| vulnerability |
VCID-yxjx-p7zs-3fec |
|
| 62 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp5 |
|
|
| aliases |
CVE-2020-15842, GHSA-mg3r-9jh8-33r9
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qcxr-ayvy-z3h2 |
|
| 40 |
| url |
VCID-scdp-ugfr-yqap |
| vulnerability_id |
VCID-scdp-ugfr-yqap |
| summary |
Liferay Portal and Liferay DXP has incorrect default permissions for site members |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38268 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00119 |
| scoring_system |
epss |
| scoring_elements |
0.30657 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00119 |
| scoring_system |
epss |
| scoring_elements |
0.30461 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00119 |
| scoring_system |
epss |
| scoring_elements |
0.30662 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00119 |
| scoring_system |
epss |
| scoring_elements |
0.30676 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38268 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 13 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 14 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 15 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 16 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 17 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 18 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 19 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 20 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 21 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 22 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 23 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 24 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 25 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 26 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 14 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 20 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 21 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 31 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 32 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 33 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 34 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 35 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 36 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 37 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 38 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 5 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 6 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 7 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 8 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 9 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 12 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 13 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 16 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 17 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 18 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 19 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 20 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 21 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 22 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 23 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 24 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 25 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 26 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 27 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 28 |
| vulnerability |
VCID-z611-svpn-m7b1 |
|
| 29 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
|
|
| aliases |
CVE-2021-38268, GHSA-f855-2rvm-5j7h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-scdp-ugfr-yqap |
|
| 41 |
| url |
VCID-shuw-qkwq-vygb |
| vulnerability_id |
VCID-shuw-qkwq-vygb |
| summary |
Stored cross-site scripting (XSS) vulnerability in the Site module's user membership administration page in Liferay Portal 7.0.1 through 7.4.1, and Liferay DXP 7.0 before fix pack 102, 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the a user's name. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-28978 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30682 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30481 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30677 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30697 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-28978 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
| reference_url |
http://liferay.com |
| reference_id |
liferay.com |
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T18:52:15Z/ |
|
|
| url |
http://liferay.com |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp26 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp26 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 3 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 4 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 5 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 6 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 7 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 8 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 9 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 10 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 11 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 12 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 13 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 14 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 15 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 16 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 17 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 18 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 19 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 20 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 21 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 22 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp26 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 11 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 12 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 13 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 14 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 19 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 20 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 21 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 22 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 23 |
| vulnerability |
VCID-uxjd-h6fd-sbgf |
|
| 24 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 25 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 26 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 27 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 28 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
|
|
| aliases |
CVE-2022-28978, GHSA-7m65-hmvg-rxpc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-shuw-qkwq-vygb |
|
| 42 |
| url |
VCID-t45b-p6e7-j7ev |
| vulnerability_id |
VCID-t45b-p6e7-j7ev |
| summary |
Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Frontend JS module |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33326 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.62341 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.62239 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.62349 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00418 |
| scoring_system |
epss |
| scoring_elements |
0.62353 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33326 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 6 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 7 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 12 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 13 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 14 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 15 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 16 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 20 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 23 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 24 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 25 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 26 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 27 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 28 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 29 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 30 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 31 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 37 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 38 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 39 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 40 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 41 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 42 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 43 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
|
|
| aliases |
CVE-2021-33326, GHSA-hgjv-7wjr-qwqp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t45b-p6e7-j7ev |
|
| 43 |
| url |
VCID-t5h8-q4q5-a3em |
| vulnerability_id |
VCID-t5h8-q4q5-a3em |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29053 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.64151 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.64038 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.64141 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00449 |
| scoring_system |
epss |
| scoring_elements |
0.64154 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29053 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29053, GHSA-f9wj-c5pc-g9rh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t5h8-q4q5-a3em |
|
| 44 |
| url |
VCID-tvcx-nbr1-efc2 |
| vulnerability_id |
VCID-tvcx-nbr1-efc2 |
| summary |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in the Gogo Shell module |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38269 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39345 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39174 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39358 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.3937 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38269 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 13 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 14 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 15 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 16 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 17 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 18 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 19 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 20 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 21 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 22 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 23 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 24 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp24 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp13 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 5 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 6 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 7 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 8 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 9 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 10 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 11 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 12 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 13 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 14 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 15 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 16 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 17 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 18 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 19 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 20 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 21 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 22 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 23 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 24 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 25 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 26 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 27 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 28 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 29 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 30 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 33 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp13 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 5 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 6 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 7 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 8 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 9 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 12 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 13 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 16 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 17 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 18 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 19 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 20 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 21 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 22 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 23 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 24 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 25 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 26 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 27 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 28 |
| vulnerability |
VCID-z611-svpn-m7b1 |
|
| 29 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp2 |
|
|
| aliases |
CVE-2021-38269, GHSA-vw6g-gh6c-8qwp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tvcx-nbr1-efc2 |
|
| 45 |
| url |
VCID-v9m5-8c56-tuhb |
| vulnerability_id |
VCID-v9m5-8c56-tuhb |
| summary |
Liferay Portal and Liferay DXP May Reveal S3 Store's Proxy Password |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29043 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42768 |
| published_at |
2026-06-14T12:55:00Z |
|
| 1 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42597 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42759 |
| published_at |
2026-06-12T12:55:00Z |
|
| 3 |
| value |
0.00204 |
| scoring_system |
epss |
| scoring_elements |
0.42778 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29043 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 7 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 8 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 9 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 10 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 11 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 12 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 13 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 14 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 15 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 16 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 17 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 18 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 19 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 20 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 21 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 22 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 23 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 24 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 25 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 26 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp22 |
|
| 2 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 14 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 20 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 21 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 31 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 32 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 33 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 34 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 35 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 36 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 37 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 38 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp10 |
|
| 3 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 10 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 11 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 12 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 13 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 14 |
| vulnerability |
VCID-evf7-f2j5-rqhr |
|
| 15 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 16 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 17 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 18 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 19 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 20 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 21 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 22 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 23 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 24 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 25 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 26 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 27 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 28 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 29 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 30 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 31 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 32 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10.fp1 |
|
|
| aliases |
CVE-2021-29043, GHSA-xx2h-2hf5-v7vv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v9m5-8c56-tuhb |
|
| 46 |
| url |
VCID-vk9f-1396-jkcp |
| vulnerability_id |
VCID-vk9f-1396-jkcp |
| summary |
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38265 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39345 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39174 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39358 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.3937 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38265 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 12 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 13 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 14 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 15 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 16 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 20 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 23 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 24 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 25 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 26 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 27 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 28 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 29 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 30 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 31 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 37 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 38 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 39 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 40 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
|
|
| aliases |
CVE-2021-38265, GHSA-3x83-whxw-pvmg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vk9f-1396-jkcp |
|
| 47 |
| url |
VCID-vweb-9s62-zucm |
| vulnerability_id |
VCID-vweb-9s62-zucm |
| summary |
Liferay Portal and Liferay DXP fails to properly import users from LDAP |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38266 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01851 |
| scoring_system |
epss |
| scoring_elements |
0.83477 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.01851 |
| scoring_system |
epss |
| scoring_elements |
0.83417 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.01851 |
| scoring_system |
epss |
| scoring_elements |
0.83483 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.01851 |
| scoring_system |
epss |
| scoring_elements |
0.83486 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38266 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-8uqz-bc88-ybcc |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9ka7-ck9s-nudp |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-b31e-vxh7-1qe8 |
|
| 12 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 13 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 14 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 15 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 16 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 20 |
| vulnerability |
VCID-h9vv-1cu6-jydx |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-j1vh-25uj-ukga |
|
| 23 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 24 |
| vulnerability |
VCID-kqhp-785u-nben |
|
| 25 |
| vulnerability |
VCID-kqsk-3dby-s3dh |
|
| 26 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 27 |
| vulnerability |
VCID-n512-h3fa-xbh7 |
|
| 28 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 29 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 30 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 31 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-txpn-fzyb-3udy |
|
| 37 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 38 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 39 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 40 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.3.10 |
|
|
| aliases |
CVE-2021-38266, GHSA-jp3m-vh3g-6ggp
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vweb-9s62-zucm |
|
| 48 |
| url |
VCID-vwmh-2kxm-bkan |
| vulnerability_id |
VCID-vwmh-2kxm-bkan |
| summary |
A Cross-site scripting (XSS) vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the `tag` parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42118 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.32426 |
| scoring_system |
epss |
| scoring_elements |
0.96967 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.52265 |
| scoring_system |
epss |
| scoring_elements |
0.97988 |
| published_at |
2026-06-12T12:55:00Z |
|
| 2 |
| value |
0.52265 |
| scoring_system |
epss |
| scoring_elements |
0.97989 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.52265 |
| scoring_system |
epss |
| scoring_elements |
0.9799 |
| published_at |
2026-06-14T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42118 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
http://liferay.com |
| reference_id |
liferay.com |
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:37:48Z/ |
|
|
| url |
http://liferay.com |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 2 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 3 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 11 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 12 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 13 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 14 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 19 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 20 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 21 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 22 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 23 |
| vulnerability |
VCID-uxjd-h6fd-sbgf |
|
| 24 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 25 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 26 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 27 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 28 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp15 |
|
|
| aliases |
CVE-2022-42118, GHSA-mr77-4pm4-x9vm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vwmh-2kxm-bkan |
|
| 49 |
| url |
VCID-ww6r-hc6t-eqgp |
| vulnerability_id |
VCID-ww6r-hc6t-eqgp |
| summary |
Liferay Portal and Liferay DXP Has Company Administrator Accounts Vulnerable to Takeovers |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33335 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00634 |
| scoring_system |
epss |
| scoring_elements |
0.70964 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00634 |
| scoring_system |
epss |
| scoring_elements |
0.70873 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00634 |
| scoring_system |
epss |
| scoring_elements |
0.70973 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00634 |
| scoring_system |
epss |
| scoring_elements |
0.70976 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33335 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 1 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 2 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 3 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 4 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 5 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 6 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 7 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 8 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 9 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 10 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 11 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 12 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 13 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 14 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 15 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 16 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 17 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 18 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 19 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 20 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 21 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 22 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 23 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 24 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 25 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 26 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 27 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 28 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 29 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 30 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp20 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 1 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 2 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 5 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 6 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 7 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 8 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 9 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 10 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 11 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 12 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 13 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 14 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 15 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 16 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 17 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 18 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 19 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 20 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 21 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 22 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 23 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 24 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 25 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 26 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 27 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 28 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 29 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 30 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 31 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 32 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 33 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 34 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 35 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 36 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 37 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 38 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 39 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 40 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 41 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 42 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 43 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp9 |
|
|
| aliases |
CVE-2021-33335, GHSA-5gh9-g62h-f35m
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ww6r-hc6t-eqgp |
|
| 50 |
| url |
VCID-xxcp-sye1-tfbz |
| vulnerability_id |
VCID-xxcp-sye1-tfbz |
| summary |
A Cross-site scripting (XSS) vulnerability in the Announcements module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42110 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.65269 |
| published_at |
2026-06-11T12:55:00Z |
|
| 1 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.65378 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.6538 |
| published_at |
2026-06-13T12:55:00Z |
|
| 3 |
| value |
0.00475 |
| scoring_system |
epss |
| scoring_elements |
0.65369 |
| published_at |
2026-06-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-42110 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-42110, GHSA-2qwm-9mg5-jwq8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xxcp-sye1-tfbz |
|
| 51 |
| url |
VCID-yxjx-p7zs-3fec |
| vulnerability_id |
VCID-yxjx-p7zs-3fec |
| summary |
Liferay Portal and Liferay DXP Vulnerable to Cross-Site Scripting (XSS) |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33332 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34944 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34766 |
| published_at |
2026-06-11T12:55:00Z |
|
| 2 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34946 |
| published_at |
2026-06-14T12:55:00Z |
|
| 3 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34967 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-33332 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1gd6-wm47-ufad |
|
| 1 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 4 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 5 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 6 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 7 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 8 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 9 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 10 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 11 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 12 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 13 |
| vulnerability |
VCID-fer2-q3rr-2khd |
|
| 14 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 15 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 16 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 17 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 18 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 19 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 20 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 21 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 22 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 23 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 24 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 25 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 26 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 27 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 28 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 29 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 30 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 31 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 32 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 33 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 34 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 35 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 36 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 37 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.1.10.fp19 |
|
| 1 |
| url |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| purl |
pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1k1u-jptu-n3d7 |
|
| 1 |
| vulnerability |
VCID-25ay-9z7s-47dg |
|
| 2 |
| vulnerability |
VCID-48hp-m4m8-cqge |
|
| 3 |
| vulnerability |
VCID-5gqq-m36a-53b6 |
|
| 4 |
| vulnerability |
VCID-6aqp-gny4-5ffp |
|
| 5 |
| vulnerability |
VCID-72my-1zwg-a7hx |
|
| 6 |
| vulnerability |
VCID-76r8-wfvh-pkg4 |
|
| 7 |
| vulnerability |
VCID-88u7-stft-ebdh |
|
| 8 |
| vulnerability |
VCID-91rc-5gz3-dbcf |
|
| 9 |
| vulnerability |
VCID-9u32-4n1x-77ce |
|
| 10 |
| vulnerability |
VCID-9xdb-721c-hqgf |
|
| 11 |
| vulnerability |
VCID-a62g-s5j4-73fr |
|
| 12 |
| vulnerability |
VCID-ank8-p9qa-9udx |
|
| 13 |
| vulnerability |
VCID-bmbd-g58w-z3gy |
|
| 14 |
| vulnerability |
VCID-bvbr-288p-xkak |
|
| 15 |
| vulnerability |
VCID-ckbc-n5n3-dka6 |
|
| 16 |
| vulnerability |
VCID-cn4z-f8ej-ruha |
|
| 17 |
| vulnerability |
VCID-ed9v-m3q5-6yaq |
|
| 18 |
| vulnerability |
VCID-epds-vwku-cyed |
|
| 19 |
| vulnerability |
VCID-g52h-8r1h-dfhe |
|
| 20 |
| vulnerability |
VCID-g6wt-vwuh-cua8 |
|
| 21 |
| vulnerability |
VCID-gkpd-2p17-7fcq |
|
| 22 |
| vulnerability |
VCID-gngs-dm98-eqc2 |
|
| 23 |
| vulnerability |
VCID-hqd6-nkr9-4ffm |
|
| 24 |
| vulnerability |
VCID-jjec-4x7z-ayhz |
|
| 25 |
| vulnerability |
VCID-jrqh-vfu7-dkfh |
|
| 26 |
| vulnerability |
VCID-k469-ety8-rqby |
|
| 27 |
| vulnerability |
VCID-kpwb-z5k7-bqa8 |
|
| 28 |
| vulnerability |
VCID-mjr1-fwsd-xkgc |
|
| 29 |
| vulnerability |
VCID-mqut-n4an-x3cs |
|
| 30 |
| vulnerability |
VCID-n4t4-bb8c-nub4 |
|
| 31 |
| vulnerability |
VCID-n634-fspx-judk |
|
| 32 |
| vulnerability |
VCID-p17t-h88p-zybu |
|
| 33 |
| vulnerability |
VCID-qaj9-m3df-7qbr |
|
| 34 |
| vulnerability |
VCID-qztv-899y-sbb8 |
|
| 35 |
| vulnerability |
VCID-scdp-ugfr-yqap |
|
| 36 |
| vulnerability |
VCID-shuw-qkwq-vygb |
|
| 37 |
| vulnerability |
VCID-snty-bgwf-33bu |
|
| 38 |
| vulnerability |
VCID-t45b-p6e7-j7ev |
|
| 39 |
| vulnerability |
VCID-t5h8-q4q5-a3em |
|
| 40 |
| vulnerability |
VCID-tgpb-tps9-wfd5 |
|
| 41 |
| vulnerability |
VCID-tvcx-nbr1-efc2 |
|
| 42 |
| vulnerability |
VCID-umd8-9ypn-zkdk |
|
| 43 |
| vulnerability |
VCID-v9m5-8c56-tuhb |
|
| 44 |
| vulnerability |
VCID-vk9f-1396-jkcp |
|
| 45 |
| vulnerability |
VCID-vweb-9s62-zucm |
|
| 46 |
| vulnerability |
VCID-vwmh-2kxm-bkan |
|
| 47 |
| vulnerability |
VCID-way6-hfht-aya6 |
|
| 48 |
| vulnerability |
VCID-ww6r-hc6t-eqgp |
|
| 49 |
| vulnerability |
VCID-xxcp-sye1-tfbz |
|
| 50 |
| vulnerability |
VCID-yffn-r39p-nfcp |
|
| 51 |
| vulnerability |
VCID-zkm4-bz55-9bb8 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay.portal/release.dxp.bom@7.2.10.fp7 |
|
|
| aliases |
CVE-2021-33332, GHSA-9995-qvcg-x7g6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yxjx-p7zs-3fec |
|
| 52 |
| url |
VCID-zkm4-bz55-9bb8 |
| vulnerability_id |
VCID-zkm4-bz55-9bb8 |
| summary |
Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA through update 87, 7.3 GA through update 29, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a service access policy's `Service Class` text field. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-37940 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38976 |
| published_at |
2026-06-12T12:55:00Z |
|
| 1 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.3899 |
| published_at |
2026-06-14T12:55:00Z |
|
| 2 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38804 |
| published_at |
2026-06-11T12:55:00Z |
|
| 3 |
| value |
0.00175 |
| scoring_system |
epss |
| scoring_elements |
0.38999 |
| published_at |
2026-06-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-37940 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-37940, GHSA-px38-239g-x5mg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zkm4-bz55-9bb8 |
|