CVE-2019-16891
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-16891
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16891.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-16891
- Published
- 2019-10-04T14:15:11Z
- Modified
- 2025-03-04T15:58:43.172758Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.
- References
Affected packages
Git / github.com/liferay/liferay-portal
Affected ranges
- Type
- GIT
- Repo
- https://github.com/liferay/liferay-portal
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected