Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.liferay/com.liferay.login.web@3.0.31
Typemaven
Namespacecom.liferay
Namecom.liferay.login.web
Version3.0.31
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.0.66
Latest_non_vulnerable_version6.0.66
Affected_by_vulnerabilities
0
url VCID-1kaw-ue41-v3fw
vulnerability_id VCID-1kaw-ue41-v3fw
summary 
Liferay Portal User Enumeration Vulnerability via the Create Account Page
User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92 allows remote attackers to determine if an account exist in the application via the create account page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-43751
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24047
published_at 2026-06-07T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.241
published_at 2026-06-06T12:55:00Z
2
value 0.00082
scoring_system epss
scoring_elements 0.23995
published_at 2026-06-09T12:55:00Z
3
value 0.00082
scoring_system epss
scoring_elements 0.24119
published_at 2026-06-05T12:55:00Z
4
value 0.00082
scoring_system epss
scoring_elements 0.23989
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-43751
1
reference_url https://github.com/liferay/liferay-portal
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal
2
reference_url https://github.com/liferay/liferay-portal/commit/097597e31b596295cb993bac596a42f06ac1e6d8
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/097597e31b596295cb993bac596a42f06ac1e6d8
3
reference_url https://github.com/liferay/liferay-portal/commit/1205e7bbcc31c40180935044d39ebf158b5256e1
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/1205e7bbcc31c40180935044d39ebf158b5256e1
4
reference_url https://github.com/liferay/liferay-portal/commit/4843e000995ef5fbe4e4f14dce23c2f3116940de
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/4843e000995ef5fbe4e4f14dce23c2f3116940de
5
reference_url https://github.com/liferay/liferay-portal/commit/4987ff8641b970db3dca14d75bb9687120107c3b
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/4987ff8641b970db3dca14d75bb9687120107c3b
6
reference_url https://github.com/liferay/liferay-portal/commit/4f3b52bc92875cd0a0958ea33dece09b8224e6dc
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/4f3b52bc92875cd0a0958ea33dece09b8224e6dc
7
reference_url https://github.com/liferay/liferay-portal/commit/609104647a5a0bb79627ef689a2f8dc9fe9fbb05
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/609104647a5a0bb79627ef689a2f8dc9fe9fbb05
8
reference_url https://github.com/liferay/liferay-portal/commit/7b8376791cfe22bfce14e5f241af1d158d535fd8
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/7b8376791cfe22bfce14e5f241af1d158d535fd8
9
reference_url https://github.com/liferay/liferay-portal/commit/7e9e29a9dac8e5b6db6f2a480c98b483584b2f87
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/7e9e29a9dac8e5b6db6f2a480c98b483584b2f87
10
reference_url https://liferay.atlassian.net/browse/LPE-18203
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://liferay.atlassian.net/browse/LPE-18203
11
reference_url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43751
reference_id CVE-2025-43751
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-22T16:25:33Z/
url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43751
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-43751
reference_id CVE-2025-43751
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-43751
13
reference_url https://github.com/advisories/GHSA-xwc5-q44v-p6gg
reference_id GHSA-xwc5-q44v-p6gg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xwc5-q44v-p6gg
fixed_packages
0
url pkg:maven/com.liferay/com.liferay.login.web@6.0.66
purl pkg:maven/com.liferay/com.liferay.login.web@6.0.66
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.login.web@6.0.66
aliases CVE-2025-43751, GHSA-xwc5-q44v-p6gg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kaw-ue41-v3fw
1
url VCID-n6qs-hded-rydp
vulnerability_id VCID-n6qs-hded-rydp
summary 
Liferay Portal and Liferay DXP Does Not Obfuscate Password Reminder Answers
In Liferay Impl before 5.18.4, Liferay Users Admin Web before 5.0.33, Liferay Login Web before 5.0.18, and Liferay Commerce Account Web before 3.0.7 from Liferay Portal (7.2.0 through 7.3.5), and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older unsupported versions does not obfuscate password reminder answers on the page, which allows attackers to use man-in-the-middle or shoulder surfing attacks to steal user's password reminder answers.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29038
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26249
published_at 2026-06-09T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26248
published_at 2026-06-04T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26352
published_at 2026-06-05T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26344
published_at 2026-06-06T12:55:00Z
4
value 0.00094
scoring_system epss
scoring_elements 0.263
published_at 2026-06-07T12:55:00Z
5
value 0.00094
scoring_system epss
scoring_elements 0.26244
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29038
1
reference_url https://github.com/liferay/liferay-portal
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal
2
reference_url https://github.com/liferay/liferay-portal/commit/5e2da784aeefce64107abd0411590db2b55faf0b
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/liferay/liferay-portal/commit/5e2da784aeefce64107abd0411590db2b55faf0b
3
reference_url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29038
reference_id CVE-2021-29038
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:45:01Z/
url https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2021-29038
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-29038
reference_id CVE-2021-29038
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-29038
5
reference_url https://github.com/advisories/GHSA-mwhf-6mjm-6w3h
reference_id GHSA-mwhf-6mjm-6w3h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mwhf-6mjm-6w3h
fixed_packages
0
url pkg:maven/com.liferay/com.liferay.login.web@5.0.18
purl pkg:maven/com.liferay/com.liferay.login.web@5.0.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1kaw-ue41-v3fw
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.login.web@5.0.18
aliases CVE-2021-29038, GHSA-mwhf-6mjm-6w3h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6qs-hded-rydp
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.liferay/com.liferay.login.web@3.0.31