Lucene search
PRIOn knowledge basePRION:CVE-2024-25143HistoryFeb 07, 2024 - 3:15 p.m.
Code injection
2024-02-0715:15:00
PRIOn knowledge base
www.prio-n.com
5
code injection
liferay portal
dxp
denial of service
crafted png
nvd
The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted PNG images.
Related
osv
osv
Liferay Portal denial of service (memory consumption)
2024-02-07 15:30:50
cve
cve
CVE-2024-25143
2024-02-07 15:15:08
cvelist
cvelist
CVE-2024-25143
2024-02-07 14:45:04
nvd
nvd
CVE-2024-25143
2024-02-07 15:15:08
veracode
veracode
Denial Of Service (DoS)
2024-02-08 07:50:34
github
github
Liferay Portal denial of service (memory consumption)
2024-02-07 15:30:50