High severityNVD Advisory· Published Sep 12, 2025· Updated Sep 12, 2025
CVE-2025-43796
CVE-2025-43796
Description
Liferay Portal 7.4.0 through 7.4.3.101, and Liferay DXP 2023.Q3.0 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA though update 35 does not limit the number of objects returned from a GraphQL queries, which allows remote attackers to perform denial-of-service (DoS) attacks on the application by executing queries that return a large number of objects.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.liferay:com.liferay.portal.vulcan.apiMaven | >= 8.0.2, < 40.2.0 | 40.2.0 |
com.liferay:com.liferay.portal.vulcan.implMaven | >= 5.0.7, < 5.0.105 | 5.0.105 |
Affected products
2- Liferay/DXPv5Range: 7.3.10
Patches
78f7eb98e05a5LPS-191346 Simplify
3 files changed · +134 −209
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/graphql/servlet/test/BaseGraphQLServlet.java+17 −29 modified@@ -86,25 +86,9 @@ public String getString() { } - public static class TestMutation { - - @com.liferay.portal.vulcan.graphql.annotation.GraphQLField - public BaseGraphQLServlet.TestDTO createTestDTO( - @GraphQLName("testDTO") TestDTO testDTO) - throws Exception { + public static class TestDTOPage { - return testDTO; - } - - } - - public static class TestPagination { - - public TestPagination() { - this(0, 0); - } - - public TestPagination(int page, int pageSize) { + public TestDTOPage(int page, int pageSize) { this.page = page; this.pageSize = pageSize; } @@ -125,6 +109,18 @@ public int getPageSize() { } + public static class TestMutation { + + @com.liferay.portal.vulcan.graphql.annotation.GraphQLField + public BaseGraphQLServlet.TestDTO createTestDTO( + @GraphQLName("testDTO") TestDTO testDTO) + throws Exception { + + return testDTO; + } + + } + public static class TestQuery { public TestQuery() { @@ -134,22 +130,18 @@ public TestQuery(TestDTO testDTO) { _testDTO = testDTO; } - public TestQuery(TestPagination testPagination) { - _testPagination = testPagination; - } - @com.liferay.portal.vulcan.graphql.annotation.GraphQLField public BaseGraphQLServlet.TestDTO testDTO() throws Exception { return _testDTO; } @com.liferay.portal.vulcan.graphql.annotation.GraphQLField - public BaseGraphQLServlet.TestPagination testPagination( + public BaseGraphQLServlet.TestDTOPage testDTOPage( @GraphQLName("page") int page, @GraphQLName("pageSize") int pageSize) throws Exception { - return new TestPagination(page, pageSize); + return new TestDTOPage(page, pageSize); } @GraphQLTypeExtension(TestDTO.class) @@ -169,7 +161,7 @@ public String extendedString() { } private static TestDTO _testDTO; - private static TestPagination _testPagination; + private static TestDTOPage _testDTOPage; } @@ -179,10 +171,6 @@ public TestServletData(TestDTO testDTO) { _testQuery = new TestQuery(testDTO); } - public TestServletData(TestPagination testPagination) { - _testQuery = new TestQuery(testPagination); - } - @Override public Object getMutation() { return _testMutation;
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/graphql/servlet/test/GraphQLPaginationServletTest.java+0 −180 removed@@ -1,180 +0,0 @@ -/** - * SPDX-FileCopyrightText: (c) 2023 Liferay, Inc. https://liferay.com - * SPDX-License-Identifier: LGPL-2.1-or-later OR LicenseRef-Liferay-DXP-EULA-2.0.0-2023-06 - */ - -package com.liferay.portal.vulcan.internal.graphql.servlet.test; - -import com.liferay.arquillian.extension.junit.bridge.junit.Arquillian; -import com.liferay.portal.kernel.json.JSONObject; -import com.liferay.portal.kernel.json.JSONUtil; -import com.liferay.portal.kernel.util.HashMapBuilder; -import com.liferay.portal.test.rule.Inject; -import com.liferay.portal.test.rule.LiferayIntegrationTestRule; -import com.liferay.portal.vulcan.graphql.servlet.ServletData; -import com.liferay.portal.vulcan.internal.util.PaginationConfigurationTestUtil; - -import org.junit.After; -import org.junit.Assert; -import org.junit.Before; -import org.junit.ClassRule; -import org.junit.Rule; -import org.junit.Test; -import org.junit.runner.RunWith; - -import org.osgi.framework.Bundle; -import org.osgi.framework.BundleContext; -import org.osgi.framework.FrameworkUtil; -import org.osgi.framework.ServiceRegistration; -import org.osgi.service.cm.ConfigurationAdmin; - -/** - * @author Sergio Jiménez del Coso - */ -@RunWith(Arquillian.class) -public class GraphQLPaginationServletTest extends BaseGraphQLServlet { - - @ClassRule - @Rule - public static final LiferayIntegrationTestRule liferayIntegrationTestRule = - new LiferayIntegrationTestRule(); - - @Before - public void setUp() { - Bundle bundle = FrameworkUtil.getBundle(GraphQLServletTest.class); - - BundleContext bundleContext = bundle.getBundleContext(); - - TestServletData testServletDataPagination = new TestServletData( - new TestPagination()); - - _serviceRegistration = bundleContext.registerService( - ServletData.class, testServletDataPagination, null); - } - - @After - public void tearDown() { - _serviceRegistration.unregister(); - } - - @Test - public void testQueryPagination() throws Exception { - - // Default limited page size and limited page size requested - - _test(1, 20, null, null); - _test(1, 5, null, 5); - _test(1, 30, null, 30); - _test(1, 20, null, null); - _test(1, 15, null, 15); - _test(1, 30, null, 30); - _test(1, 40, null, 40); - _test(2, 20, 2, null); - _test(3, 20, 3, null); - - // Default limited page size and unlimited page size requested - - _test(1, 500, null, -1); - _test(1, 500, null, 0); - _test(1, 500, -1, null); - _test(1, 500, 0, null); - - // Limited page size configured and limited page size requested - - PaginationConfigurationTestUtil.withPageSizeLimit( - 10, () -> _test(1, 10, null, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 10, () -> _test(1, 5, null, 5)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 10, () -> _test(1, 10, null, 30)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 30, () -> _test(1, 20, null, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 30, () -> _test(1, 15, null, 15)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 30, () -> _test(1, 30, null, 30)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 30, () -> _test(1, 30, null, 40)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(2, 20, 2, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(3, 20, 3, null)); - - // Limited page size configured and unlimited page size requested - - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(1, 50, null, -1)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(1, 50, null, 0)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(1, 50, -1, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 50, () -> _test(1, 50, 0, null)); - - // Unlimited page size configured and limited page size requested - - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(1, 20, null, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(1, 25, null, 25)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(2, 20, 2, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(2, 25, 2, 25)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(1, 20, null, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(1, 25, null, 25)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(2, 20, 2, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(2, 25, 2, 25)); - - // Unlimited page size configured and unlimited page size requested - - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(-1, -1, -1, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(-1, -1, 0, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(-1, -1, null, -1)); - PaginationConfigurationTestUtil.withPageSizeLimit( - -1, () -> _test(-1, -1, null, 0)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(-1, -1, -1, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(-1, -1, 0, null)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(-1, -1, null, -1)); - PaginationConfigurationTestUtil.withPageSizeLimit( - 0, () -> _test(-1, -1, null, 0)); - } - - private void _test( - int expectedPage, int expectedPageSize, Integer requestPage, - Integer requestPageSize) - throws Exception { - - JSONObject jsonObject = JSONUtil.getValueAsJSONObject( - invoke( - new GraphQLField( - "testPagination", - HashMapBuilder.put( - "page", (Object)requestPage - ).put( - "pageSize", (Object)requestPageSize - ).build(), - new GraphQLField("page"), new GraphQLField("pageSize")), - "query"), - "JSONObject/data", "JSONObject/testPagination"); - - Assert.assertEquals(expectedPage, jsonObject.getInt("page")); - Assert.assertEquals(expectedPageSize, jsonObject.getInt("pageSize")); - } - - @Inject - private ConfigurationAdmin _configurationAdmin; - - private ServiceRegistration<ServletData> _serviceRegistration; - -} \ No newline at end of file
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/graphql/servlet/test/GraphQLServletTest.java+117 −0 modified@@ -11,10 +11,12 @@ import com.liferay.portal.kernel.json.JSONObject; import com.liferay.portal.kernel.json.JSONUtil; import com.liferay.portal.kernel.test.util.TestPropsValues; +import com.liferay.portal.kernel.util.HashMapBuilder; import com.liferay.portal.kernel.util.HashMapDictionaryBuilder; import com.liferay.portal.test.rule.Inject; import com.liferay.portal.test.rule.LiferayIntegrationTestRule; import com.liferay.portal.vulcan.graphql.servlet.ServletData; +import com.liferay.portal.vulcan.internal.util.PaginationConfigurationTestUtil; import java.util.Collections; @@ -174,6 +176,121 @@ public void testQueryDepthLimit() throws Exception { } } + @Test + public void testQueryPagination() throws Exception { + + // Default limited page size and limited page size requested + + _test(1, 20, null, null); + _test(1, 5, null, 5); + _test(1, 30, null, 30); + _test(1, 20, null, null); + _test(1, 15, null, 15); + _test(1, 30, null, 30); + _test(1, 40, null, 40); + _test(2, 20, 2, null); + _test(3, 20, 3, null); + + // Default limited page size and unlimited page size requested + + _test(1, 500, null, -1); + _test(1, 500, null, 0); + _test(1, 500, -1, null); + _test(1, 500, 0, null); + + // Limited page size configured and limited page size requested + + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 5, null, 5)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 15, null, 15)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 40)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(3, 20, 3, null)); + + // Limited page size configured and unlimited page size requested + + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, 0, null)); + + // Unlimited page size configured and limited page size requested + + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 25, 2, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 25, 2, 25)); + + // Unlimited page size configured and unlimited page size requested + + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, 0)); + } + + private void _test( + int expectedPage, int expectedPageSize, Integer requestPage, + Integer requestPageSize) + throws Exception { + + JSONObject jsonObject = JSONUtil.getValueAsJSONObject( + invoke( + new GraphQLField( + "testDTOPage", + HashMapBuilder.put( + "page", (Object)requestPage + ).put( + "pageSize", (Object)requestPageSize + ).build(), + new GraphQLField("page"), new GraphQLField("pageSize")), + "query"), + "JSONObject/data", "JSONObject/testDTOPage"); + + Assert.assertEquals(expectedPage, jsonObject.getInt("page")); + Assert.assertEquals(expectedPageSize, jsonObject.getInt("pageSize")); + } + @Inject private ConfigurationAdmin _configurationAdmin;
8344aec3bebcLPS-191346 Combine if-else correctly
1 file changed · +12 −10
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/graphql/data/processor/LiferayMethodDataFetchingProcessor.java+12 −10 modified@@ -137,16 +137,10 @@ public Object process( Object argument = arguments.get(parameterName); - if (parameterName.equals("page")) { - argument = pagination.getPage(); - } - else if (parameterName.equals("pageSize")) { - argument = pagination.getPageSize(); - } - else if (argument == null) { - if (parameter.isAnnotationPresent(NotNull.class)) { - throw new ValidationException(parameterName + " is null"); - } + if ((argument == null) && + parameter.isAnnotationPresent(NotNull.class)) { + + throw new ValidationException(parameterName + " is null"); } if (parameterName.equals("assetLibraryId") && (argument != null)) { @@ -167,6 +161,14 @@ else if (argument == null) { } } + if (parameterName.equals("page")) { + argument = pagination.getPage(); + } + + if (parameterName.equals("pageSize")) { + argument = pagination.getPageSize(); + } + if (parameterName.equals("siteKey") && (argument != null)) { try { argument = String.valueOf(
2e4adf041e31LPS-191346 Apply util changes
2 files changed · +118 −100
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/graphql/servlet/test/GraphQLPaginationServletTest.java+59 −50 modified@@ -6,16 +6,13 @@ package com.liferay.portal.vulcan.internal.graphql.servlet.test; import com.liferay.arquillian.extension.junit.bridge.junit.Arquillian; -import com.liferay.petra.function.UnsafeRunnable; -import com.liferay.portal.configuration.test.util.CompanyConfigurationTemporarySwapper; import com.liferay.portal.kernel.json.JSONObject; import com.liferay.portal.kernel.json.JSONUtil; -import com.liferay.portal.kernel.test.util.TestPropsValues; import com.liferay.portal.kernel.util.HashMapBuilder; -import com.liferay.portal.kernel.util.MapUtil; import com.liferay.portal.test.rule.Inject; import com.liferay.portal.test.rule.LiferayIntegrationTestRule; import com.liferay.portal.vulcan.graphql.servlet.ServletData; +import com.liferay.portal.vulcan.internal.util.PaginationConfigurationTestUtil; import org.junit.After; import org.junit.Assert; @@ -84,44 +81,73 @@ public void testQueryPagination() throws Exception { // Limited page size configured and limited page size requested - _withPageSizeLimit(10, () -> _test(1, 10, null, null)); - _withPageSizeLimit(10, () -> _test(1, 5, null, 5)); - _withPageSizeLimit(10, () -> _test(1, 10, null, 30)); - _withPageSizeLimit(30, () -> _test(1, 20, null, null)); - _withPageSizeLimit(30, () -> _test(1, 15, null, 15)); - _withPageSizeLimit(30, () -> _test(1, 30, null, 30)); - _withPageSizeLimit(30, () -> _test(1, 30, null, 40)); - _withPageSizeLimit(50, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(50, () -> _test(3, 20, 3, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 5, null, 5)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 15, null, 15)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 40)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(3, 20, 3, null)); // Limited page size configured and unlimited page size requested - _withPageSizeLimit(50, () -> _test(1, 50, null, -1)); - _withPageSizeLimit(50, () -> _test(1, 50, null, 0)); - _withPageSizeLimit(50, () -> _test(1, 50, -1, null)); - _withPageSizeLimit(50, () -> _test(1, 50, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, 0, null)); // Unlimited page size configured and limited page size requested - _withPageSizeLimit(-1, () -> _test(1, 20, null, null)); - _withPageSizeLimit(-1, () -> _test(1, 25, null, 25)); - _withPageSizeLimit(-1, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(-1, () -> _test(2, 25, 2, 25)); - _withPageSizeLimit(0, () -> _test(1, 20, null, null)); - _withPageSizeLimit(0, () -> _test(1, 25, null, 25)); - _withPageSizeLimit(0, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(0, () -> _test(2, 25, 2, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 25, 2, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 25, 2, 25)); // Unlimited page size configured and unlimited page size requested - _withPageSizeLimit(-1, () -> _test(-1, -1, -1, null)); - _withPageSizeLimit(-1, () -> _test(-1, -1, 0, null)); - _withPageSizeLimit(-1, () -> _test(-1, -1, null, -1)); - _withPageSizeLimit(-1, () -> _test(-1, -1, null, 0)); - _withPageSizeLimit(0, () -> _test(-1, -1, -1, null)); - _withPageSizeLimit(0, () -> _test(-1, -1, 0, null)); - _withPageSizeLimit(0, () -> _test(-1, -1, null, -1)); - _withPageSizeLimit(0, () -> _test(-1, -1, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, 0)); } private void _test( @@ -146,23 +172,6 @@ private void _test( Assert.assertEquals(expectedPageSize, jsonObject.getInt("pageSize")); } - private void _withPageSizeLimit( - int pageSizeLimit, UnsafeRunnable<Exception> runnable) - throws Exception { - - try (CompanyConfigurationTemporarySwapper - companyConfigurationTemporarySwapper = - new CompanyConfigurationTemporarySwapper( - TestPropsValues.getCompanyId(), - "com.liferay.portal.vulcan.internal.configuration." + - "HeadlessAPICompanyConfiguration", - MapUtil.singletonDictionary( - "pageSizeLimit", pageSizeLimit))) { - - runnable.run(); - } - } - @Inject private ConfigurationAdmin _configurationAdmin;
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/jaxrs/context/provider/test/PaginationContextProviderTest.java+59 −50 modified@@ -6,16 +6,13 @@ package com.liferay.portal.vulcan.internal.jaxrs.context.provider.test; import com.liferay.arquillian.extension.junit.bridge.junit.Arquillian; -import com.liferay.petra.function.UnsafeRunnable; -import com.liferay.portal.configuration.test.util.CompanyConfigurationTemporarySwapper; -import com.liferay.portal.kernel.test.util.TestPropsValues; import com.liferay.portal.kernel.util.HashMapDictionaryBuilder; -import com.liferay.portal.kernel.util.MapUtil; import com.liferay.portal.test.rule.Inject; import com.liferay.portal.test.rule.LiferayIntegrationTestRule; import com.liferay.portal.vulcan.internal.jaxrs.context.provider.test.util.MockFeature; import com.liferay.portal.vulcan.internal.jaxrs.context.provider.test.util.MockMessage; import com.liferay.portal.vulcan.internal.jaxrs.context.provider.test.util.MockResource; +import com.liferay.portal.vulcan.internal.util.PaginationConfigurationTestUtil; import com.liferay.portal.vulcan.pagination.Pagination; import com.liferay.portal.vulcan.resource.EntityModelResource; @@ -103,44 +100,73 @@ public void test() throws Exception { // Limited page size configured and limited page size requested - _withPageSizeLimit(10, () -> _test(1, 10, null, null)); - _withPageSizeLimit(10, () -> _test(1, 5, null, 5)); - _withPageSizeLimit(10, () -> _test(1, 10, null, 30)); - _withPageSizeLimit(30, () -> _test(1, 20, null, null)); - _withPageSizeLimit(30, () -> _test(1, 15, null, 15)); - _withPageSizeLimit(30, () -> _test(1, 30, null, 30)); - _withPageSizeLimit(30, () -> _test(1, 30, null, 40)); - _withPageSizeLimit(50, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(50, () -> _test(3, 20, 3, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 5, null, 5)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 10, () -> _test(1, 10, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 15, null, 15)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 30)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 30, () -> _test(1, 30, null, 40)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(3, 20, 3, null)); // Limited page size configured and unlimited page size requested - _withPageSizeLimit(50, () -> _test(1, 50, null, -1)); - _withPageSizeLimit(50, () -> _test(1, 50, null, 0)); - _withPageSizeLimit(50, () -> _test(1, 50, -1, null)); - _withPageSizeLimit(50, () -> _test(1, 50, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 50, () -> _test(1, 50, 0, null)); // Unlimited page size configured and limited page size requested - _withPageSizeLimit(-1, () -> _test(1, 20, null, null)); - _withPageSizeLimit(-1, () -> _test(1, 25, null, 25)); - _withPageSizeLimit(-1, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(-1, () -> _test(2, 25, 2, 25)); - _withPageSizeLimit(0, () -> _test(1, 20, null, null)); - _withPageSizeLimit(0, () -> _test(1, 25, null, 25)); - _withPageSizeLimit(0, () -> _test(2, 20, 2, null)); - _withPageSizeLimit(0, () -> _test(2, 25, 2, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(2, 25, 2, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 20, null, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(1, 25, null, 25)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 20, 2, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(2, 25, 2, 25)); // Unlimited page size configured and unlimited page size requested - _withPageSizeLimit(-1, () -> _test(-1, -1, -1, null)); - _withPageSizeLimit(-1, () -> _test(-1, -1, 0, null)); - _withPageSizeLimit(-1, () -> _test(-1, -1, null, -1)); - _withPageSizeLimit(-1, () -> _test(-1, -1, null, 0)); - _withPageSizeLimit(0, () -> _test(-1, -1, -1, null)); - _withPageSizeLimit(0, () -> _test(-1, -1, 0, null)); - _withPageSizeLimit(0, () -> _test(-1, -1, null, -1)); - _withPageSizeLimit(0, () -> _test(-1, -1, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + -1, () -> _test(-1, -1, null, 0)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, -1, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, 0, null)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, -1)); + PaginationConfigurationTestUtil.withPageSizeLimit( + 0, () -> _test(-1, -1, null, 0)); } private void _test( @@ -171,23 +197,6 @@ private void _test( Assert.assertEquals(expectedPageSize, pagination.getPageSize()); } - private void _withPageSizeLimit( - int pageSizeLimit, UnsafeRunnable<Exception> runnable) - throws Exception { - - try (CompanyConfigurationTemporarySwapper - companyConfigurationTemporarySwapper = - new CompanyConfigurationTemporarySwapper( - TestPropsValues.getCompanyId(), - "com.liferay.portal.vulcan.internal.configuration." + - "HeadlessAPICompanyConfiguration", - MapUtil.singletonDictionary( - "pageSizeLimit", pageSizeLimit))) { - - runnable.run(); - } - } - private ContextProvider<Pagination> _contextProvider; @Inject(
2f74f23982fbLPS-191346 Create PaginationConfigurationTestUtil to avoid duplicate code
1 file changed · +35 −0
modules/apps/portal-vulcan/portal-vulcan-test/src/testIntegration/java/com/liferay/portal/vulcan/internal/util/PaginationConfigurationTestUtil.java+35 −0 added@@ -0,0 +1,35 @@ +/** + * SPDX-FileCopyrightText: (c) 2023 Liferay, Inc. https://liferay.com + * SPDX-License-Identifier: LGPL-2.1-or-later OR LicenseRef-Liferay-DXP-EULA-2.0.0-2023-06 + */ + +package com.liferay.portal.vulcan.internal.util; + +import com.liferay.petra.function.UnsafeRunnable; +import com.liferay.portal.configuration.test.util.CompanyConfigurationTemporarySwapper; +import com.liferay.portal.kernel.test.util.TestPropsValues; +import com.liferay.portal.kernel.util.MapUtil; + +/** + * @author Sergio Jiménez del Coso + */ +public class PaginationConfigurationTestUtil { + + public static void withPageSizeLimit( + int pageSizeLimit, UnsafeRunnable<Exception> runnable) + throws Exception { + + try (CompanyConfigurationTemporarySwapper + companyConfigurationTemporarySwapper = + new CompanyConfigurationTemporarySwapper( + TestPropsValues.getCompanyId(), + "com.liferay.portal.vulcan.internal.configuration." + + "HeadlessAPICompanyConfiguration", + MapUtil.singletonDictionary( + "pageSizeLimit", pageSizeLimit))) { + + runnable.run(); + } + } + +} \ No newline at end of file
3780804b0d8fLPS-191346 Apply PaginationProvider for GraphQL
2 files changed · +37 −9
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/graphql/data/processor/GraphQLDTOContributorDataFetchingProcessor.java+7 −2 modified@@ -25,7 +25,7 @@ import com.liferay.portal.vulcan.internal.jaxrs.context.provider.AggregationContextProvider; import com.liferay.portal.vulcan.internal.jaxrs.context.provider.FilterContextProvider; import com.liferay.portal.vulcan.pagination.Page; -import com.liferay.portal.vulcan.pagination.Pagination; +import com.liferay.portal.vulcan.pagination.provider.PaginationProvider; import com.liferay.portal.vulcan.util.SortUtil; import java.io.Serializable; @@ -116,7 +116,9 @@ public Page<Object> list( _getFilter( acceptLanguage, graphQLDTOContributor.getEntityModel(), filterString), - Pagination.of(page, pageSize), search, + _paginationProvider.getPagination( + _portal.getCompanyId(httpServletRequest), page, pageSize), + search, SortUtil.getSorts( acceptLanguage, graphQLDTOContributor.getEntityModel(), _sortParserProvider.provide( @@ -197,6 +199,9 @@ private Filter _getFilter( @Reference private Language _language; + @Reference + private PaginationProvider _paginationProvider; + @Reference private Portal _portal;
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/graphql/data/processor/LiferayMethodDataFetchingProcessor.java+30 −7 modified@@ -25,6 +25,7 @@ import com.liferay.portal.kernel.util.HashMapBuilder; import com.liferay.portal.kernel.util.Portal; import com.liferay.portal.kernel.util.StringUtil; +import com.liferay.portal.kernel.util.Validator; import com.liferay.portal.odata.entity.EntityModel; import com.liferay.portal.odata.filter.ExpressionConvert; import com.liferay.portal.odata.filter.FilterParserProvider; @@ -45,6 +46,8 @@ import com.liferay.portal.vulcan.internal.multipart.MultipartUtil; import com.liferay.portal.vulcan.multipart.BinaryFile; import com.liferay.portal.vulcan.multipart.MultipartBody; +import com.liferay.portal.vulcan.pagination.Pagination; +import com.liferay.portal.vulcan.pagination.provider.PaginationProvider; import com.liferay.portal.vulcan.resource.EntityModelResource; import com.liferay.portal.vulcan.util.GroupUtil; import com.liferay.portal.vulcan.util.SortUtil; @@ -106,6 +109,11 @@ public Object process( Object source) throws Exception { + Pagination pagination = _paginationProvider.getPagination( + _portal.getCompanyId(httpServletRequest), + _getIntegerValue(arguments, "page"), + _getIntegerValue(arguments, "pageSize")); + Parameter[] parameters = method.getParameters(); Object[] argumentArray = new Object[parameters.length]; @@ -129,16 +137,16 @@ public Object process( Object argument = arguments.get(parameterName); - if (argument == null) { + if (parameterName.equals("page")) { + argument = pagination.getPage(); + } + else if (parameterName.equals("pageSize")) { + argument = pagination.getPageSize(); + } + else if (argument == null) { if (parameter.isAnnotationPresent(NotNull.class)) { throw new ValidationException(parameterName + " is null"); } - else if (parameterName.equals("page")) { - argument = 1; - } - else if (parameterName.equals("pageSize")) { - argument = 20; - } } if (parameterName.equals("assetLibraryId") && (argument != null)) { @@ -622,6 +630,18 @@ private Filter _getFilter( acceptLanguage, entityModel, filterString); } + private Integer _getIntegerValue( + Map<String, Object> arguments, String key) { + + Object value = arguments.get(key); + + if (Validator.isNotNull(value)) { + return GetterUtil.getInteger(value); + } + + return null; + } + private Object _getScopeChecker() { ServiceReference<?> serviceReference = _bundleContext.getServiceReference( @@ -687,6 +707,9 @@ private Field _getThisField(Class<?> clazz) { @Reference private Language _language; + @Reference + private PaginationProvider _paginationProvider; + @Reference private Portal _portal;
8dda4adc0e9eLPS-191346 Apply PaginationProvider to PaginationContextProvider for REST API
2 files changed · +21 −49
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/jaxrs/context/provider/PaginationContextProvider.java+16 −44 modified@@ -5,17 +5,13 @@ package com.liferay.portal.vulcan.internal.jaxrs.context.provider; -import com.liferay.portal.configuration.module.configuration.ConfigurationProvider; -import com.liferay.portal.kernel.dao.orm.QueryUtil; -import com.liferay.portal.kernel.module.configuration.ConfigurationException; -import com.liferay.portal.kernel.util.GetterUtil; import com.liferay.portal.kernel.util.Portal; -import com.liferay.portal.vulcan.internal.configuration.HeadlessAPICompanyConfiguration; +import com.liferay.portal.kernel.util.Validator; import com.liferay.portal.vulcan.pagination.Pagination; +import com.liferay.portal.vulcan.pagination.provider.PaginationProvider; import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.InternalServerErrorException; import javax.ws.rs.ext.Provider; import org.apache.cxf.jaxrs.ext.ContextProvider; @@ -28,9 +24,9 @@ public class PaginationContextProvider implements ContextProvider<Pagination> { public PaginationContextProvider( - ConfigurationProvider configurationProvider, Portal portal) { + PaginationProvider paginationProvider, Portal portal) { - _configurationProvider = configurationProvider; + _paginationProvider = paginationProvider; _portal = portal; } @@ -39,52 +35,28 @@ public Pagination createContext(Message message) { HttpServletRequest httpServletRequest = ContextProviderUtil.getHttpServletRequest(message); - int requestPage = GetterUtil.getInteger( - httpServletRequest.getParameter("page"), 1); - int requestPageSize = GetterUtil.getInteger( - httpServletRequest.getParameter("pageSize"), 20); - int pageSizeLimit = _getPageSizeLimit( - _portal.getCompanyId(httpServletRequest)); + Integer pageValue = _getIntegerValue(httpServletRequest, "page"); - if (_isUnlimited(requestPage) || _isUnlimited(requestPageSize)) { - if (_isUnlimited(pageSizeLimit)) { - return Pagination.of(QueryUtil.ALL_POS, QueryUtil.ALL_POS); - } + Integer pageSizeValue = _getIntegerValue( + httpServletRequest, "pageSize"); - return Pagination.of(1, pageSizeLimit); - } - - if (_isUnlimited(pageSizeLimit)) { - return Pagination.of(requestPage, requestPageSize); - } - - return Pagination.of( - requestPage, Math.min(requestPageSize, pageSizeLimit)); + return _paginationProvider.getPagination( + _portal.getCompanyId(httpServletRequest), pageValue, pageSizeValue); } - private int _getPageSizeLimit(long companyId) { - try { - HeadlessAPICompanyConfiguration headlessAPICompanyConfiguration = - _configurationProvider.getCompanyConfiguration( - HeadlessAPICompanyConfiguration.class, companyId); + private Integer _getIntegerValue( + HttpServletRequest httpServletRequest, String key) { - return headlessAPICompanyConfiguration.pageSizeLimit(); - } - catch (ConfigurationException configurationException) { - throw new InternalServerErrorException( - configurationException.getMessage()); - } - } + String value = httpServletRequest.getParameter(key); - private boolean _isUnlimited(int value) { - if (value <= 0) { - return true; + if (Validator.isNotNull(value)) { + return Integer.valueOf(value); } - return false; + return null; } - private final ConfigurationProvider _configurationProvider; + private final PaginationProvider _paginationProvider; private final Portal _portal; } \ No newline at end of file
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/jaxrs/feature/VulcanFeature.java+5 −5 modified@@ -9,7 +9,6 @@ import com.fasterxml.jackson.jaxrs.xml.JacksonXMLProvider; import com.liferay.depot.service.DepotEntryLocalService; -import com.liferay.portal.configuration.module.configuration.ConfigurationProvider; import com.liferay.portal.kernel.language.Language; import com.liferay.portal.kernel.search.filter.Filter; import com.liferay.portal.kernel.service.GroupLocalService; @@ -68,6 +67,7 @@ import com.liferay.portal.vulcan.internal.jaxrs.writer.interceptor.NestedFieldsWriterInterceptor; import com.liferay.portal.vulcan.internal.jaxrs.writer.interceptor.PageEntityExtensionWriterInterceptor; import com.liferay.portal.vulcan.internal.param.converter.provider.DateParamConverterProvider; +import com.liferay.portal.vulcan.pagination.provider.PaginationProvider; import javax.ws.rs.Priorities; import javax.ws.rs.core.Feature; @@ -165,7 +165,7 @@ _roleLocalService, _getScopeChecker(), _sortParserProvider, _nestedFieldsWriterInterceptor, Priorities.USER - 10); featureContext.register( - new PaginationContextProvider(_configurationProvider, _portal)); + new PaginationContextProvider(_paginationProvider, _portal)); featureContext.register( new SiteParamConverterProvider( _depotEntryLocalService, _groupLocalService)); @@ -205,9 +205,6 @@ private Object _getScopeChecker() { @Reference private ConfigurationAdmin _configurationAdmin; - @Reference - private ConfigurationProvider _configurationProvider; - @Reference private DepotEntryLocalService _depotEntryLocalService; @@ -230,6 +227,9 @@ private Object _getScopeChecker() { private NestedFieldsWriterInterceptor _nestedFieldsWriterInterceptor; + @Reference + private PaginationProvider _paginationProvider; + @Reference private Portal _portal;
83e77963499dLPS-191346 Create PaginationProvider to use this code in REST API and GraphQL and avoid duplication
4 files changed · +101 −1
modules/apps/portal-vulcan/portal-vulcan-api/bnd.bnd+2 −1 modified@@ -1,6 +1,6 @@ Bundle-Name: Liferay Portal Vulcan API Bundle-SymbolicName: com.liferay.portal.vulcan.api -Bundle-Version: 40.1.1 +Bundle-Version: 40.2.0 Export-Package:\ com.liferay.portal.vulcan.accept.language,\ com.liferay.portal.vulcan.aggregation,\ @@ -29,6 +29,7 @@ Export-Package:\ com.liferay.portal.vulcan.openapi,\ com.liferay.portal.vulcan.openapi.contributor,\ com.liferay.portal.vulcan.pagination,\ + com.liferay.portal.vulcan.pagination.provider,\ com.liferay.portal.vulcan.permission,\ com.liferay.portal.vulcan.resource,\ com.liferay.portal.vulcan.resource.locator,\
modules/apps/portal-vulcan/portal-vulcan-api/src/main/java/com/liferay/portal/vulcan/pagination/provider/PaginationProvider.java+18 −0 added@@ -0,0 +1,18 @@ +/** + * SPDX-FileCopyrightText: (c) 2023 Liferay, Inc. https://liferay.com + * SPDX-License-Identifier: LGPL-2.1-or-later OR LicenseRef-Liferay-DXP-EULA-2.0.0-2023-06 + */ + +package com.liferay.portal.vulcan.pagination.provider; + +import com.liferay.portal.vulcan.pagination.Pagination; + +/** + * @author Sergio Jiménez del Coso + */ +public interface PaginationProvider { + + public Pagination getPagination( + long companyId, Integer requestPage, Integer requestPageSize); + +} \ No newline at end of file
modules/apps/portal-vulcan/portal-vulcan-api/src/main/resources/com/liferay/portal/vulcan/pagination/provider/packageinfo+1 −0 added@@ -0,0 +1 @@ +version 1.0.0 \ No newline at end of file
modules/apps/portal-vulcan/portal-vulcan-impl/src/main/java/com/liferay/portal/vulcan/internal/pagination/provider/PaginationProviderImpl.java+80 −0 added@@ -0,0 +1,80 @@ +/** + * SPDX-FileCopyrightText: (c) 2023 Liferay, Inc. https://liferay.com + * SPDX-License-Identifier: LGPL-2.1-or-later OR LicenseRef-Liferay-DXP-EULA-2.0.0-2023-06 + */ + +package com.liferay.portal.vulcan.internal.pagination.provider; + +import com.liferay.portal.configuration.module.configuration.ConfigurationProvider; +import com.liferay.portal.kernel.dao.orm.QueryUtil; +import com.liferay.portal.kernel.module.configuration.ConfigurationException; +import com.liferay.portal.kernel.util.GetterUtil; +import com.liferay.portal.vulcan.internal.configuration.HeadlessAPICompanyConfiguration; +import com.liferay.portal.vulcan.pagination.Pagination; +import com.liferay.portal.vulcan.pagination.provider.PaginationProvider; + +import org.osgi.service.component.annotations.Component; +import org.osgi.service.component.annotations.Reference; + +/** + * @author Sergio Jiménez del Coso + */ +@Component(service = PaginationProvider.class) +public class PaginationProviderImpl implements PaginationProvider { + + @Override + public Pagination getPagination( + long companyId, Integer page, Integer pageSize) { + + int requestPage = GetterUtil.getInteger(page, 1); + + int requestPageSize = GetterUtil.getInteger(pageSize, 20); + + return _getPagination( + _getPageSizeLimit(companyId), requestPage, requestPageSize); + } + + private int _getPageSizeLimit(long companyId) { + try { + HeadlessAPICompanyConfiguration headlessAPICompanyConfiguration = + _configurationProvider.getCompanyConfiguration( + HeadlessAPICompanyConfiguration.class, companyId); + + return headlessAPICompanyConfiguration.pageSizeLimit(); + } + catch (ConfigurationException configurationException) { + throw new RuntimeException(configurationException.getMessage()); + } + } + + private Pagination _getPagination( + int pageSizeLimit, int requestPage, int requestPageSize) { + + if (_isUnlimited(requestPage) || _isUnlimited(requestPageSize)) { + if (_isUnlimited(pageSizeLimit)) { + return Pagination.of(QueryUtil.ALL_POS, QueryUtil.ALL_POS); + } + + return Pagination.of(1, pageSizeLimit); + } + + if (_isUnlimited(pageSizeLimit)) { + return Pagination.of(requestPage, requestPageSize); + } + + return Pagination.of( + requestPage, Math.min(requestPageSize, pageSizeLimit)); + } + + private boolean _isUnlimited(int value) { + if (value <= 0) { + return true; + } + + return false; + } + + @Reference + private ConfigurationProvider _configurationProvider; + +} \ No newline at end of file
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
10- github.com/advisories/GHSA-f3hf-r62c-mfrjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-43796ghsaADVISORY
- github.com/liferay/liferay-portal/commit/8f7eb98e05a5ea6961346ecc21fd73e4b46bba99ghsaWEB
- github.com/liferay/liferay-portal/commit/2e4adf041e31f3474a14c29b7c135693f6529400ghsaWEB
- github.com/liferay/liferay-portal/commit/2f74f23982fb03238f9b4ae145c33a9c1084f07eghsaWEB
- github.com/liferay/liferay-portal/commit/3780804b0d8f4f14bfca470a3e2e662bc6cef588ghsaWEB
- github.com/liferay/liferay-portal/commit/8344aec3bebcd2ca409794523d5db5be6047c3ddghsaWEB
- github.com/liferay/liferay-portal/commit/83e77963499d4d3e7cc82cc48e63c992f6f29a6dghsaWEB
- github.com/liferay/liferay-portal/commit/8dda4adc0e9e7b6f82d4b3959592cad61640309bghsaWEB
- liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43796ghsaWEB
News mentions
0No linked articles in our index yet.