CVE-2019-16891
published 2019-10-04CVE-2019-16891: Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| liferay | liferay_portal | <= 6.0.6 | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |
| liferay | liferay_portal | — | — |