Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.liferay/com.liferay.document.library.web@5.0.45

Type maven

Namespace com.liferay

Name com.liferay.document.library.web

Version 5.0.45

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.0.98

Latest_non_vulnerable_version 6.0.98

Affected_by_vulnerabilities

url VCID-1k1u-jptu-n3d7

vulnerability_id VCID-1k1u-jptu-n3d7

summary Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Document Library module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-33337

reference_id

reference_type

scores

value	0.00258
scoring_system	epss
scoring_elements	0.49673
published_at	2026-06-12T12:55:00Z

value	0.00258
scoring_system	epss
scoring_elements	0.49536
published_at	2026-06-11T12:55:00Z

value	0.00258
scoring_system	epss
scoring_elements	0.49692
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-33337

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/432e9eb911d11ff40e1db652690586e496940633

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/432e9eb911d11ff40e1db652690586e496940633

reference_url

https://issues.liferay.com/browse/LPE-17101

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.liferay.com/browse/LPE-17101

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2021-33337

reference_id

CVE-2021-33337

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2021-33337

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-33337

reference_id

CVE-2021-33337

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-33337

reference_url

https://github.com/advisories/GHSA-v88g-7fx4-9q7f

reference_id

GHSA-v88g-7fx4-9q7f

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v88g-7fx4-9q7f

fixed_packages

url pkg:maven/com.liferay/com.liferay.document.library.web@5.0.54

purl pkg:maven/com.liferay/com.liferay.document.library.web@5.0.54

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ap9p-1am3-9ycn

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.document.library.web@5.0.54

aliases CVE-2021-33337, GHSA-v88g-7fx4-9q7f

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1k1u-jptu-n3d7

url VCID-ap9p-1am3-9ycn

vulnerability_id VCID-ap9p-1am3-9ycn

summary A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the `redirect` parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42113

reference_id

reference_type

scores

value	0.00197
scoring_system	epss
scoring_elements	0.4191
published_at	2026-06-13T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41726
published_at	2026-06-11T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41891
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42113

reference_url

https://github.com/liferay/liferay-portal

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal

reference_url

https://github.com/liferay/liferay-portal/commit/2e4d17dfe42bb3b12c96527943087cf7e4a7d57e

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/2e4d17dfe42bb3b12c96527943087cf7e4a7d57e

reference_url

https://github.com/liferay/liferay-portal/commit/62797d3ada6545b12fbfb86dbb229ac9d491d2c2

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/liferay/liferay-portal/commit/62797d3ada6545b12fbfb86dbb229ac9d491d2c2

reference_url

https://liferay.atlassian.net/browse/LPE-17615

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://liferay.atlassian.net/browse/LPE-17615

reference_url

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2022-42113?p_r_p_assetEntryId=121613062&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_redirect=https%3A%2F%2Fliferay.dev%3A443%2Fportal%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_r_p_assetEntryId%3D121613062%26_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_jekt_cur%3D0%26p_r_p_resetCur%3Dfalse

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113

reference_id

cve-2022-42113

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-10T02:41:39Z/

url

https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42113

reference_id

CVE-2022-42113

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42113

reference_url

https://web.archive.org/web/20221019040338/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113

reference_id

CVE-2022-42113

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20221019040338/https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113

reference_url

https://github.com/advisories/GHSA-r32w-v775-5952

reference_id

GHSA-r32w-v775-5952

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r32w-v775-5952

reference_url

http://liferay.com

reference_id

liferay.com

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-10T02:41:39Z/

url

http://liferay.com

fixed_packages

url	pkg:maven/com.liferay/com.liferay.document.library.web@6.0.98
purl	pkg:maven/com.liferay/com.liferay.document.library.web@6.0.98
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.document.library.web@6.0.98

aliases CVE-2022-42113, GHSA-r32w-v775-5952

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ap9p-1am3-9ycn

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.document.library.web@5.0.45

Package Instance