com.liferay:com.liferay.object.service

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting com.liferay:com.liferay.object.servicepage 1 of 1

CVE-2025-43763MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.0.208
2025-09-09
vulnerable: 1.0.0 ... 1.0.99 (208 versions)
A server-side request forgery (SSRF) vulnerability exist in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.…
CVE-2025-43790HIGHCVSS 8.1EG 8.1✓ Fixed in 1.0.197
2025-09-11
vulnerable: 1.0.0 ... 1.0.99 (197 versions)
Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.6, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote authenticated users to fr…

Check whether com.liferay:com.liferay.object.service is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for com.liferay:com.liferay.object.service CVEs against the assets you own.

Start Free Scan →