-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI
JavaJavaMiggo AIRoot Cause AnalysisThe vulnerability centers on unsafe ZIP extraction in Elasticsearch Sidecar plugin installation. While no patch code is available, the following evidence supports the identification:
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.liferay.portal:release.portal.bom | maven | >= 7.3.3, < 7.4.3.19 | 7.4.3.19 |
KEV Misses 88% of Exploited CVEs- Get the report