pkg:Maven/com.liferay.portal:com.liferay.portal.kernel

6 total CVEsCRITICAL1HIGH1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-7961⚠ KEVDeserialization of Untrusted Data in Liferay Portal
    from 0, < 4.35.3
  • HIGH8.1CVE-2024-25607Liferay Portal defaults to a low work factor for the default password hashing algorithm
    from 0, < 38.0.0
  • CVE-2025-43792Liferay Portal has External Control of System or Configuration Settings
    from 0, < 130.0.1
  • CVE-2025-43793Liferay Portal has Improper Validation of Specified Quantity in Input
    from 0, < 130.0.1
  • CVE-2025-43770Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter
    from 0, < 155.0.0
  • CVE-2025-3526Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
    from 0, < 38.0.0