logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

1

Maven

Total vulnerabilities tracked

13

From global vulnerability databases

Exclude malware
Package com.lifer...tal.impl

FLAT-ZK4OS (CVE-2025-62261)

Non-encrypted confidential information In com.liferay.portal:com.liferay.portal.impl

4.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-AJ37O (CVE-2025-62254)

Lack of data validation - Path Traversal In com.liferay.portal:com.liferay.portal.impl

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-H80AK (CVE-2025-62249)

Reflected cross-site scripting (XSS) In com.liferay.portal:com.liferay.portal.impl

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-GWSPQ (CVE-2025-62252)

Improper authorization control for web services In com.liferay.portal:com.liferay.portal.impl

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-SBTAK (CVE-2025-43809)

Cross-site request forgery In com.liferay.portal:com.liferay.portal.impl

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-0U6NQ (CVE-2025-43801)

Improper authorization control for web services In com.liferay.portal:com.liferay.portal.impl

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-ELMBF (CVE-2025-43793)

Lack of data validation In com.liferay.portal:com.liferay.portal.impl

4.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-SJYNX (CVE-2025-43794)

Server side cross-site scripting In com.liferay.portal:com.liferay.portal.impl

1.0

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-NSUYA (CVE-2025-43768)

Business information leak In com.liferay.portal:com.liferay.portal.impl

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-LCDK5 (CVE-2021-29050)

Cross-site request forgery In com.liferay.portal:com.liferay.portal.impl

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-NRFTZ (CVE-2022-41414)

Insecure service configuration In com.liferay.portal:com.liferay.portal.impl

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-SCUSI (CVE-2021-33321)

Account lockout In com.liferay.portal:com.liferay.portal.impl

6.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl

FLAT-MV06Y (CVE-2020-15840)

Improper authorization control for web services In com.liferay.portal:com.liferay.portal.impl

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:com.liferay.portal.impl