VYPR

Maven package

com.liferay/com.liferay.portal.workflow.api

pkg:maven/com.liferay/com.liferay.portal.workflow.api

Vulnerabilities (1)

  • CVE-2025-43786Sep 9, 2025
    affected >= 7.0.1, < 11.0.1fixed 11.0.1

    Enumeration of ERC from object entry in Liferay Portal 7.4.0 through 7.4.3.128, and Liferay DXP 2024.Q3.0 through 2024.Q3.1, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 and 7.4 GA through update 92 allow attackers to determine existent ERC in the applica