Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.4

Type maven

Namespace com.liferay

Name com.liferay.frontend.taglib.clay

Version 7.1.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 15.2.2

Latest_non_vulnerable_version 15.2.2

Affected_by_vulnerabilities

url VCID-ct7p-zu2a-7khk

vulnerability_id VCID-ct7p-zu2a-7khk

summary

references

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/e15df92e3faa3abbf38e3643b79ab8cf2983d6df

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/e15df92e3faa3abbf38e3643b79ab8cf2983d6df

reference_url

https://liferay.atlassian.net/browse/LPE-18222

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://liferay.atlassian.net/browse/LPE-18222

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43774

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43774

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-43774

reference_id

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-43774

reference_url

https://github.com/advisories/GHSA-qgj5-4qvg-2f8c

reference_id

GHSA-qgj5-4qvg-2f8c

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qgj5-4qvg-2f8c

fixed_packages

url pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.1

purl pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ph25-5qgg-zfer

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.1

aliases CVE-2025-43774, GHSA-qgj5-4qvg-2f8c

risk_score 1.4

exploitability 0.5

weighted_severity 2.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct7p-zu2a-7khk

url VCID-kqsk-3dby-s3dh

vulnerability_id VCID-kqsk-3dby-s3dh

summary A Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote attackers to inject arbitrary web script or HTML.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42117

reference_id

reference_type

scores

value	0.00118
scoring_system	epss
scoring_elements	0.30492
published_at	2026-06-14T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30292
published_at	2026-06-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30487
published_at	2026-06-12T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30505
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42117

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/a0d25a757f002c39d02b93938bc11feb3b0de6f6

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/a0d25a757f002c39d02b93938bc11feb3b0de6f6

reference_url

https://liferay.atlassian.net/browse/LPE-17497

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://liferay.atlassian.net/browse/LPE-17497

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2022-42117?p_r_p_assetEntryId=121613244&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121613244%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117

reference_id

cve-2022-42117

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T17:58:40Z/

url

https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42117

reference_id

CVE-2022-42117

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42117

reference_url

https://web.archive.org/web/20221205223431/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117

reference_id

CVE-2022-42117

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20221205223431/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117

reference_url

https://github.com/advisories/GHSA-g6r2-6x46-jpp6

reference_id

GHSA-g6r2-6x46-jpp6

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g6r2-6x46-jpp6

reference_url

http://liferay.com

reference_id

liferay.com

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-12T17:58:40Z/

url

http://liferay.com

fixed_packages

url pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@9.1.7

purl pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@9.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct7p-zu2a-7khk

vulnerability	VCID-ph25-5qgg-zfer

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@9.1.7

aliases CVE-2022-42117, GHSA-g6r2-6x46-jpp6

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqsk-3dby-s3dh

url VCID-kxky-s74t-27ca

vulnerability_id VCID-kxky-s74t-27ca

summary Liferay Portal vulnerable to cross-site scripting (XSS) via the keywords parameter

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38264

reference_id

reference_type

scores

value	0.00295
scoring_system	epss
scoring_elements	0.53361
published_at	2026-06-12T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.53235
published_at	2026-06-11T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.53362
published_at	2026-06-14T12:55:00Z

value	0.00295
scoring_system	epss
scoring_elements	0.53376
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38264

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/f5df5cbfdc8254b2388fa445e62ec1efebe3547f

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/f5df5cbfdc8254b2388fa445e62ec1efebe3547f

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-38264-reflected-xss-with-keywords-in-search?p_r_p_assetEntryId=121611971&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121611971%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-38264

reference_id

CVE-2021-38264

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-38264

reference_url

https://github.com/advisories/GHSA-9536-m86r-q297

reference_id

GHSA-9536-m86r-q297

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9536-m86r-q297

fixed_packages

url	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15
purl	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15

url pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

purl pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct7p-zu2a-7khk

vulnerability	VCID-kqsk-3dby-s3dh

vulnerability	VCID-ph25-5qgg-zfer

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

aliases CVE-2021-38264, GHSA-9536-m86r-q297

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxky-s74t-27ca

url VCID-n65a-ycxy-pqgz

vulnerability_id VCID-n65a-ycxy-pqgz

summary Liferay Portal cross-site scripting (XSS) vulnerability in the Frontend Taglib module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-35463

reference_id

reference_type

scores

value	0.00149
scoring_system	epss
scoring_elements	0.35378
published_at	2026-06-12T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35201
published_at	2026-06-11T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35382
published_at	2026-06-14T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35402
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-35463

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/751a70e0ed7b380ea2ab510ff79ddb33ed87dd9b

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/751a70e0ed7b380ea2ab510ff79ddb33ed87dd9b

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-35463-reflected-xss-with-keywords-in-search?p_r_p_assetEntryId=121611661&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121611661%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-35463

reference_id

CVE-2021-35463

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-35463

reference_url

https://github.com/advisories/GHSA-9h7f-5hc8-cj5f

reference_id

GHSA-9h7f-5hc8-cj5f

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9h7f-5hc8-cj5f

fixed_packages

url	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15
purl	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.15

url pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

purl pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ct7p-zu2a-7khk

vulnerability	VCID-kqsk-3dby-s3dh

vulnerability	VCID-ph25-5qgg-zfer

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.2.0

aliases CVE-2021-35463, GHSA-9h7f-5hc8-cj5f

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n65a-ycxy-pqgz

url VCID-ph25-5qgg-zfer

vulnerability_id VCID-ph25-5qgg-zfer

summary A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code in the “first display label” field in the configuration of a custom sort widget. This malicious payload is then reflected and executed by clay button taglib when refreshing the page.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-43734

reference_id

reference_type

scores

value	0.0013
scoring_system	epss
scoring_elements	0.32182
published_at	2026-06-12T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32179
published_at	2026-06-14T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.31998
published_at	2026-06-11T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32199
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-43734

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/b4ca1bb0961cc1f230508e072c30815eabce062f

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/b4ca1bb0961cc1f230508e072c30815eabce062f

reference_url

https://liferay.atlassian.net/browse/LPE-18234

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://liferay.atlassian.net/browse/LPE-18234

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-43734

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-43734

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43734

reference_id

CVE-2025-43734

reference_type

scores

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T19:00:01Z/

url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43734

reference_url

https://github.com/advisories/GHSA-m5c7-5gv3-hcpf

reference_id

GHSA-m5c7-5gv3-hcpf

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m5c7-5gv3-hcpf

fixed_packages

url	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.2
purl	pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@15.2.2

aliases CVE-2025-43734, GHSA-m5c7-5gv3-hcpf

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ph25-5qgg-zfer

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.frontend.taglib.clay@7.1.4

Package Instance