Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/10/22 4:18 p.m.6 views

CVE-2025-62250

Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Lifer...

6.9CVSS7.1AI score0.00164EPSS
Exploits0References1
Snyk
Snyk
added 2025/10/21 6:30 p.m.7 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error which can be triggered via unauthenticated cluster messages. An attacker can inject malicious data into the cluster. Remediation Upgrade com.liferay:com.liferay.portal.cluster.multiple to version 5.0.35 or higher...

6.9CVSS7.1AI score0.00164EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/10/21 6:30 p.m.12 views

Liferay Portal fails to verify messages from the cluster network is trusted

Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Lifer...

6.9CVSS7.2AI score0.00164EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/10/21 4:15 p.m.6 views

CVE-2025-62250

Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Lifer...

6.5CVSS7AI score0.00164EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/21 3:40 p.m.1 views

CVE-2025-62250

Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Lifer...

6.9CVSS6.7AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/21 3:40 p.m.9 views

CVE-2025-62250

Improper Authentication in Liferay Portal 7.4.0 through 7.4.3.132, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to send malicious data to the Lifer...

6.9CVSS0.00164EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/09/20 1:41 p.m.14 views

booth: authfile directive in booth config file is completely ignored.

A flaw was found in booth in the way it handles the authfile directive in configuration files, which causes authentication to be skipped between nodes. As a result, an attacker-controlled node that does not have the correct authentication key does not prevent communication with other nodes in the...

6.5CVSS5.7AI score0.00924EPSS
Exploits0References4
Rows per page
Query Builder