GHSA-cx84-43xc-3gm2, CVE-2022-42131
maven/com.liferay.portal/release.portal.bom
Improper Certificate Validation
Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3.
All versions starting from 7.1.0 before 7.4.3.4
Upgrade to version 7.4.3.4 or above.
2022-11-22
source |