12 matches found
EUVD-2022-7319
Malicious code in bioql PyPI...
[SECURITY] Fedora 41 Update: rust-icu_provider_macros-1.5.0-1.fc41
Proc macros for ICU data providers...
[SECURITY] Fedora 40 Update: rust-icu_provider_macros-1.5.0-1.fc40
Proc macros for ICU data providers...
[SECURITY] Fedora 42 Update: rust-icu_provider_macros-1.5.0-1.fc42
Proc macros for ICU data providers...
CVE-2022-42131
Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3...
CVE-2022-42131
Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3...
CVE-2022-42131
Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3...
Liferay Portal and Liferay DXP Fails to Sanitize API Data
Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 19, and 7.2 before fix pack 7, does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers...
CVE-2020-13444
Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers...
CVE-2020-13444
Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers...
CVE-2020-13444
Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers...
CVE-2020-13444
Affected software: Liferay Portal 7.x (7.0/7.1/7.2) prior to specific fix packs and Liferay DXP 7.x before their corresponding fixes. Vulnerability: the DDMDataProvider API may leak authentication data; information returned by the API is not properly sanitized, allowing remote authenticated users...