10 matches found
Memory Leak
Liferay Portal is vulnerable to Memory Leak. The vulnerability is due to the headless StructuredContents endpoint retaining objects or failing to release memory during request processing. An attacker can exploit this by repeatedly calling the API endpoint to exhaust server memory and cause servic...
EUVD-2025-31166
Malicious code in bioql PyPI...
CVE-2025-43816
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
Missing Release of Memory after Effective Lifetime
Overview com.liferay:com.liferay.portal.vulcan.impl is a Liferay Portal Vulcan Implementation Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the StructuredContents API endpoint. An attacker can exhaust system memory resources by repeated...
Liferay Portal and DXP vulnerable to a memory leak
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
CVE-2025-43816
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
CVE-2025-43816
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
CVE-2025-43816
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
CVE-2025-43816
A memory leak in the headless API for StructuredContents in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2024.Q1.1 through 2024.Q1.5, 2023.Q4.0 through 2024.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions...
CVE-2025-43816
CVE-2025-43816 describes a memory leak in the headless API for StructuredContents of Liferay Portal/DXP. Affected: Liferay Portal 7.4.0–7.4.3.119; Liferay Portal 7.4 GA up to update 92; Liferay DXP 2024.Q1.1–2024.Q1.5, 2023.Q4.0–2024.Q4.10, 2023.Q3.1–2023.Q3.10; related unsupported/older versions...