VYPR

Maven package

com.liferay/com.liferay.portal.security.ldap.impl

pkg:maven/com.liferay/com.liferay.portal.security.ldap.impl

Vulnerabilities (2)

  • CVE-2025-62262Oct 27, 2025
    affected >= 4.0.2, < 4.0.54fixed 4.0.54

    Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions all

  • CVE-2021-38266Mar 2, 2022
    affected < 2.0.19fixed 2.0.19

    The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by at