logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

1

Maven

Total vulnerabilities tracked

67

From global vulnerability databases

Exclude malware
Package com.lifer....dxp.bom

FLAT-ZIQ3L (CVE-2025-43785)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.0

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-N6IMI (CVE-2025-43776)

Technical information leak In com.liferay.portal:release.dxp.bom

1.0

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-HHYGB (CVE-2025-43735)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-YVRCT (CVE-2025-4581)

Server-side request forgery (SSRF) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-Y9YG7 (CVE-2025-3760)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.1

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-PTNIV (CVE-2024-8980)

Cross-site request forgery In com.liferay.portal:release.dxp.bom

7.7

High

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-0MYVB (CVE-2024-25151)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-XOZQT (CVE-2024-25603)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4OX26 (CVE-2024-26269)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

7.7

High

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-C9M05 (CVE-2024-25602)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

7.6

High

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-S72Y5 (CVE-2023-42496)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-RNY0E (CVE-2023-42498)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-YX7KC (CVE-2024-26270)

Business information leak In com.liferay.portal:release.dxp.bom

4.9

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-P2A6Q (CVE-2024-25610)

Insecure service configuration In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-DULQH (CVE-2024-25608)

Uncontrolled external site redirect In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-5LYSB (CVE-2024-25606)

XML injection (XXE) In com.liferay.portal:release.dxp.bom

4.8

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-6414D (CVE-2024-25605)

Excessive privileges In com.liferay.portal:release.dxp.bom

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-DM07E (CVE-2024-25604)

Authentication mechanism absence or evasion In com.liferay.portal:release.dxp.bom

4.9

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4WM3R (CVE-2024-25150)

Technical information leak In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-0I46U (CVE-2023-5190)

Uncontrolled external site redirect In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-KWWQS (CVE-2024-25144)

Inappropriate coding practices In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-YZIPT (CVE-2024-25146)

Automatic information enumeration In com.liferay.portal:release.dxp.bom

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-40ZA8 (CVE-2023-42627)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

7.7

High

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-JGT9D (CVE-2023-42628)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-WWDM9 (CVE-2023-42497)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-S4825 (CVE-2023-44309)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-Y9EKS (CVE-2023-42629)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-YP9LM (CVE-2023-3426)

Improper authorization control for web services In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-2FZVI (CVE-2023-35029)

Uncontrolled external site redirect In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-QS10L (CVE-2023-3193)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-2WOMG (CVE-2022-42120)

SQL injection - Code In com.liferay.portal:release.dxp.bom

8.1

High

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-H4MKG (CVE-2022-42111)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-HMO5H (CVE-2022-42119)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-NHWUZ (CVE-2022-42118)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-X5139 (CVE-2022-42110)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-RZN2T (CVE-2022-42113)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-BT7HO (CVE-2022-42117)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-63VD0 (CVE-2022-28978)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-8BUMM (CVE-2022-28977)

Uncontrolled external site redirect In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-1573W (CVE-2022-38512)

Excessive privileges In com.liferay.portal:release.dxp.bom

4.9

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-MYQE7 (CVE-2021-33322)

Insecure session management In com.liferay.portal:release.dxp.bom

6.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-7WMS1 (CVE-2021-29049)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4P4DV (CVE-2021-33335)

Excessive privileges In com.liferay.portal:release.dxp.bom

6.1

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-PBMV3 (CVE-2021-33338)

Cross-site request forgery In com.liferay.portal:release.dxp.bom

5.2

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-WA8UX (CVE-2021-33336)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-PLBQ9 (CVE-2021-33337)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-LLY0X (CVE-2021-33324)

Excessive privileges In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-0XD6J (CVE-2021-33327)

Excessive privileges In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-FC8N2 (CVE-2021-33325)

Non-encrypted confidential information In com.liferay.portal:release.dxp.bom

4.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-CGC60 (CVE-2021-33326)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-AJUS8 (CVE-2021-33323)

Non-encrypted confidential information In com.liferay.portal:release.dxp.bom

6.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-YQHM7 (CVE-2021-33332)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-MPP5T (CVE-2021-29053)

SQL injection - Code In com.liferay.portal:release.dxp.bom

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-HB96W (CVE-2021-29045)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4DZL6 (CVE-2021-29046)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-NSPXP (CVE-2021-29043)

Sensitive information sent insecurely In com.liferay.portal:release.dxp.bom

4.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-K3GKU (CVE-2021-29041)

Improper authorization control for web services In com.liferay.portal:release.dxp.bom

4.9

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-TWJGX (CVE-2020-13445)

Lack of data validation In com.liferay.portal:release.dxp.bom

6.3

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4NTWN (CVE-2022-26593)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-T4548 (CVE-2022-26594)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-4T3WK (CVE-2021-38266)

Authentication mechanism absence or evasion In com.liferay.portal:release.dxp.bom

6.6

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-7U84M (CVE-2021-38269)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-PEKS9 (CVE-2021-38265)

Reflected cross-site scripting (XSS) In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-ADNTT (CVE-2021-38267)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.2

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-UG4KU (CVE-2021-38263)

Server side cross-site scripting In com.liferay.portal:release.dxp.bom

1.3

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-354DE (CVE-2022-25146)

Lack of data validation In com.liferay.portal:release.dxp.bom

2.7

Low

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom

FLAT-FA6NA (CVE-2020-15839)

Insecure file upload In com.liferay.portal:release.dxp.bom

4.9

Medium

Ecosystem: Maven

Package: com.liferay.portal:release.dxp.bom