Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-17260

LSV-841: Security vulnerability in json-smart 2.2.1/2.3 (Multiple Components)

    Details

    • 7.2 Fix Pack Version:
      14
    • 7.3 Fix Pack Version:
      2

      Description

      The Data Engine, Dynamic Data Mapping, and Security SSO module in Liferay DXP is bundled with json-smart 2.2.1/2.3 which has known vulnerabilities. For more details, please see https://nvd.nist.gov/vuln/detail/CVE-2021-27568

        Attachments

          Activity

            People

            Assignee:
            support-l1@liferay.com US Support
            Reporter:
            il.kim Brian I. Kim
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Packages

                Version Package
                7.2.X EE
                7.3.X EE