GHSA-w7pm-cc4v-f3g8

Suggest an improvement
Source
https://github.com/advisories/GHSA-w7pm-cc4v-f3g8
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w7pm-cc4v-f3g8/GHSA-w7pm-cc4v-f3g8.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-w7pm-cc4v-f3g8
Aliases
  • CVE-2020-7961
Published
2022-05-24T17:12:05Z
Modified
2024-08-28T15:47:52.502700Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Deserialization of Untrusted Data in Liferay Portal
Details

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

Database specific 
{
    "nvd_published_at": "2020-03-20T19:15:00Z",
    "cwe_ids": [
        "CWE-502"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-23T06:57:17Z"
}
References

Affected packages

Maven / com.liferay.portal:com.liferay.portal.kernel

Package

Name
com.liferay.portal:com.liferay.portal.kernel
View open source insights on deps.dev
Purl
pkg:maven/com.liferay.portal/com.liferay.portal.kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.35.3

Affected versions

1.*

1.0.0
1.0.1
1.0.2
1.0.3

2.*

2.0.0
2.1.0
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.7.0
2.8.0
2.9.0
2.10.0
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.16.0
2.17.0
2.18.0
2.19.0
2.20.0
2.21.0
2.22.0
2.23.0
2.24.0
2.25.0
2.26.0
2.27.0
2.28.0
2.29.0
2.30.0
2.31.0
2.32.0
2.33.0
2.34.0
2.35.0
2.36.0
2.37.0
2.38.0
2.39.0
2.40.0
2.41.0
2.42.0
2.43.0
2.44.0
2.45.0
2.46.0
2.47.0
2.48.0
2.49.0
2.50.0
2.51.0
2.52.0
2.53.0
2.54.0
2.55.0
2.55.1
2.56.0
2.57.0
2.58.0
2.58.1
2.58.2
2.59.0
2.60.0
2.61.0
2.61.1
2.61.2
2.61.3
2.62.0
2.63.0
2.63.1
2.64.0
2.64.1
2.65.0
2.66.0
2.68.0
2.69.0
2.70.0
2.71.0
2.72.0
2.73.0
2.74.0
2.75.0
2.75.1
2.76.0
2.76.1
2.77.0
2.78.0
2.79.0
2.79.1
2.79.2
2.80.0
2.80.1
2.81.0
2.81.1
2.81.2
2.82.0
2.83.0
2.84.0
2.84.1
2.85.0
2.86.0
2.86.1
2.87.0
2.87.1
2.87.2
2.88.0
2.89.0
2.89.1
2.90.0
2.90.1
2.90.2
2.91.0
2.92.0
2.92.1
2.93.0
2.94.0
2.94.1
2.94.2
2.94.3
2.95.0
2.95.1
2.96.0
2.97.0
2.98.0
2.98.1
2.99.0
2.99.1
2.99.2
2.100.0
2.101.0
2.102.0
2.103.0
2.103.1
2.104.0
2.105.0
2.105.1
2.105.2
2.106.0
2.107.0
2.108.0
2.109.0
2.109.1
2.110.0
2.111.0
2.111.1
2.111.2
2.112.0
2.113.0
2.113.1
2.113.2
2.114.0
2.115.0
2.116.0
2.116.1
2.117.0
2.118.0
2.119.0
2.119.1
2.120.0
2.120.1
2.121.0
2.122.0
2.123.0
2.123.1
2.124.0
2.125.0
2.125.1
2.126.0
2.126.1
2.126.2
2.127.0
2.128.0
2.128.1
2.128.2
2.128.3
2.129.0
2.130.0
2.130.1
2.131.0
2.131.1
2.132.0
2.132.1
2.132.2
2.132.3
2.132.4
2.133.0
2.134.0
2.135.0
2.135.1
2.136.0
2.136.1
2.137.0
2.138.0
2.138.1
2.138.2
2.139.0
2.140.0
2.140.1
2.140.2
2.140.3
2.140.4
2.141.0
2.141.1
2.141.2
2.142.0
2.143.0
2.143.1
2.144.0
2.144.1
2.144.2
2.144.3
2.145.0
2.146.0
2.146.1
2.146.2
2.147.0
2.147.1
2.147.2
2.147.3
2.147.4
2.147.5
2.148.0
2.148.1
2.148.2
2.148.3
2.149.0
2.150.0
2.150.1
2.150.2
2.150.3
2.150.4
2.151.0
2.152.0
2.152.1
2.153.0
2.154.0
2.154.1
2.154.2
2.154.3
2.155.0
2.157.0
2.158.0

3.*

3.0.0
3.0.1
3.1.0
3.2.0
3.2.1
3.2.2
3.3.0
3.3.1
3.3.2
3.3.3
3.3.4
3.4.0
3.5.0
3.5.1
3.5.2
3.6.0
3.6.1
3.6.2
3.7.0
3.7.1
3.8.0
3.9.0
3.10.0
3.11.0
3.12.0
3.13.0
3.13.1
3.14.0
3.15.0
3.15.1
3.16.0
3.17.0
3.17.1
3.18.0
3.18.1
3.18.2
3.18.3
3.18.4
3.19.0
3.20.0
3.20.1
3.21.0
3.21.1
3.21.2
3.22.0
3.23.0
3.24.0
3.25.0
3.26.0
3.27.0
3.28.0
3.29.0
3.30.0
3.31.0
3.31.1
3.31.2
3.32.0
3.32.1
3.32.2
3.32.3
3.32.4
3.33.0
3.33.1
3.34.0
3.34.1
3.34.2
3.35.0
3.35.1
3.35.2
3.35.3
3.35.4
3.35.5
3.35.6
3.36.0
3.37.0
3.37.1
3.38.0
3.39.0
3.39.1
3.39.2
3.40.0
3.40.1
3.41.0
3.41.1
3.41.2
3.41.3
3.41.4
3.41.5
3.42.0
3.42.1
3.42.2
3.42.3
3.42.4
3.42.5
3.43.0
3.43.1
3.44.0
3.45.0
3.46.0
3.46.1
3.46.2
3.46.3
3.47.0
3.47.1
3.48.0
3.48.1
3.48.2
3.48.3
3.49.0
3.49.1
3.49.2
3.49.3
3.50.0
3.50.1
3.51.0
3.52.0
3.53.0
3.53.1
3.53.2
3.53.3
3.54.0
3.55.0
3.56.0
3.57.0
3.58.0
3.59.0
3.60.0
3.61.0
3.62.0
3.63.0
3.63.1
3.64.0
3.64.1
3.64.2
3.65.0
3.65.1
3.65.2
3.65.3
3.65.4
3.66.0
3.66.1
3.67.0
3.68.0
3.69.0
3.70.0
3.71.0
3.72.0
3.73.0
3.73.1
3.74.0
3.75.0
3.75.1
3.75.2
3.76.0
3.77.0
3.78.0
3.78.1
3.78.2
3.79.0
3.80.0
3.81.0
3.81.1
3.82.0
3.82.1
3.82.2
3.83.0
3.83.1
3.84.0
3.85.0
3.85.1
3.85.2
3.86.0
3.87.0
3.88.0
3.88.1
3.88.2
3.89.0
3.89.1
3.89.2
3.89.3
3.89.4
3.90.0
3.90.1
3.91.0
3.92.0
3.92.1
3.92.2
3.93.0
3.94.0
3.94.1
3.95.0
3.96.0
3.97.0
3.97.1
3.97.2
3.97.3
3.97.4
3.98.0
3.98.1
3.98.2
3.99.0
3.100.0
3.101.0
3.102.0
3.102.1
3.102.2
3.103.0
3.104.0
3.104.1
3.105.0
3.105.1
3.106.0
3.106.1
3.107.0
3.107.1
3.107.2
3.108.0
3.109.0
3.109.1
3.110.0
3.111.0
3.112.0
3.112.1
3.112.2
3.112.3
3.112.4
3.113.0
3.114.0
3.114.1
3.115.0
3.116.0
3.117.0
3.117.1
3.117.2
3.118.0
3.119.0
3.119.1
3.119.2
3.120.0
3.120.1
3.120.2
3.121.0
3.122.0
3.123.0
3.124.0
3.125.0
3.126.0
3.126.1
3.126.2
3.126.3
3.126.4
3.126.5
3.128.0
3.129.0
3.129.1
3.130.0
3.131.0
3.132.0

4.*

4.0.0
4.1.0
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.3.0
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6
4.5.0
4.6.0
4.7.0
4.7.1
4.8.0
4.9.0
4.10.0
4.11.0
4.11.1
4.12.0
4.13.0
4.13.1
4.14.0
4.15.0
4.16.0
4.16.1
4.16.2
4.16.3
4.17.0
4.18.0
4.19.0
4.20.0
4.21.0
4.22.0
4.23.0
4.24.0
4.25.0
4.25.1
4.25.2
4.26.0
4.27.0
4.27.1
4.28.0
4.29.0
4.30.0
4.31.0
4.31.1
4.32.0
4.32.1
4.32.2
4.32.3
4.33.0
4.33.1
4.34.0
4.35.0
4.35.1
4.35.2