Security
Headlines

Headlines Latest CVEs

Headline

GHSA-chrc-q6v3-jfv8: Liferay Portal has Inefficient Regular Expression

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.

1 year ago

Liferay Portal has Inefficient Regular Expression

Moderate severity GitHub Reviewed Published May 24, 2023 to the GitHub Advisory Database • Updated Jun 2, 2023

Related news

CVE-2023-33950: CVE-2023-33950 ReDoS vulnerability with Pattern Redirects - Liferay

Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs.

1 year ago

#vulnerability #web

ghsa: Latest News

GHSA-x7m9-mv49-fv73: Vaultwarden vulnerable to user impersonation

2 days ago

GHSA-vprm-27pv-jp3w: Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability

2 days ago

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability

2 days ago

GHSA-5xh2-23cc-5jc6: Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution

2 days ago

GHSA-675f-rq2r-jw82: JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh

2 days ago