{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Liferay DXP versions 2023.Q3.x et 2023.Q4.x ant\u00e9rieures \u00e0 2024.Q1.1","product":{"name":"DXP","vendor":{"name":"Liferay","scada":false}}},{"description":"Liferay Portal versions 7.4.x ant\u00e9rieures \u00e0 7.4.3.112","product":{"name":"Portal","vendor":{"name":"Liferay","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2025-43818","url":"https://www.cve.org/CVERecord?id=CVE-2025-43818"},{"name":"CVE-2025-43762","url":"https://www.cve.org/CVERecord?id=CVE-2025-43762"},{"name":"CVE-2025-43749","url":"https://www.cve.org/CVERecord?id=CVE-2025-43749"},{"name":"CVE-2024-26266","url":"https://www.cve.org/CVERecord?id=CVE-2024-26266"},{"name":"CVE-2024-25151","url":"https://www.cve.org/CVERecord?id=CVE-2024-25151"},{"name":"CVE-2023-40191","url":"https://www.cve.org/CVERecord?id=CVE-2023-40191"},{"name":"CVE-2025-43748","url":"https://www.cve.org/CVERecord?id=CVE-2025-43748"},{"name":"CVE-2025-43829","url":"https://www.cve.org/CVERecord?id=CVE-2025-43829"},{"name":"CVE-2025-43813","url":"https://www.cve.org/CVERecord?id=CVE-2025-43813"},{"name":"CVE-2024-25609","url":"https://www.cve.org/CVERecord?id=CVE-2024-25609"},{"name":"CVE-2024-26267","url":"https://www.cve.org/CVERecord?id=CVE-2024-26267"},{"name":"CVE-2023-42498","url":"https://www.cve.org/CVERecord?id=CVE-2023-42498"},{"name":"CVE-2025-62242","url":"https://www.cve.org/CVERecord?id=CVE-2025-62242"},{"name":"CVE-2025-43769","url":"https://www.cve.org/CVERecord?id=CVE-2025-43769"},{"name":"CVE-2025-43751","url":"https://www.cve.org/CVERecord?id=CVE-2025-43751"},{"name":"CVE-2025-62252","url":"https://www.cve.org/CVERecord?id=CVE-2025-62252"},{"name":"CVE-2025-62250","url":"https://www.cve.org/CVERecord?id=CVE-2025-62250"},{"name":"CVE-2023-44308","url":"https://www.cve.org/CVERecord?id=CVE-2023-44308"},{"name":"CVE-2025-62247","url":"https://www.cve.org/CVERecord?id=CVE-2025-62247"},{"name":"CVE-2023-5190","url":"https://www.cve.org/CVERecord?id=CVE-2023-5190"},{"name":"CVE-2025-43820","url":"https://www.cve.org/CVERecord?id=CVE-2025-43820"},{"name":"CVE-2025-62259","url":"https://www.cve.org/CVERecord?id=CVE-2025-62259"},{"name":"CVE-2024-25607","url":"https://www.cve.org/CVERecord?id=CVE-2024-25607"},{"name":"CVE-2025-43807","url":"https://www.cve.org/CVERecord?id=CVE-2025-43807"},{"name":"CVE-2024-26269","url":"https://www.cve.org/CVERecord?id=CVE-2024-26269"},{"name":"CVE-2025-43758","url":"https://www.cve.org/CVERecord?id=CVE-2025-43758"},{"name":"CVE-2021-29038","url":"https://www.cve.org/CVERecord?id=CVE-2021-29038"},{"name":"CVE-2024-26268","url":"https://www.cve.org/CVERecord?id=CVE-2024-26268"},{"name":"CVE-2023-37940","url":"https://www.cve.org/CVERecord?id=CVE-2023-37940"},{"name":"CVE-2025-62245","url":"https://www.cve.org/CVERecord?id=CVE-2025-62245"},{"name":"CVE-2025-43765","url":"https://www.cve.org/CVERecord?id=CVE-2025-43765"},{"name":"CVE-2025-3586","url":"https://www.cve.org/CVERecord?id=CVE-2025-3586"},{"name":"CVE-2025-62267","url":"https://www.cve.org/CVERecord?id=CVE-2025-62267"},{"name":"CVE-2025-43811","url":"https://www.cve.org/CVERecord?id=CVE-2025-43811"},{"name":"CVE-2023-42496","url":"https://www.cve.org/CVERecord?id=CVE-2023-42496"},{"name":"CVE-2025-43808","url":"https://www.cve.org/CVERecord?id=CVE-2025-43808"},{"name":"CVE-2025-62239","url":"https://www.cve.org/CVERecord?id=CVE-2025-62239"},{"name":"CVE-2025-43830","url":"https://www.cve.org/CVERecord?id=CVE-2025-43830"},{"name":"CVE-2024-25150","url":"https://www.cve.org/CVERecord?id=CVE-2024-25150"},{"name":"CVE-2023-47798","url":"https://www.cve.org/CVERecord?id=CVE-2023-47798"},{"name":"CVE-2025-43779","url":"https://www.cve.org/CVERecord?id=CVE-2025-43779"},{"name":"CVE-2025-62246","url":"https://www.cve.org/CVERecord?id=CVE-2025-62246"},{"name":"CVE-2025-43772","url":"https://www.cve.org/CVERecord?id=CVE-2025-43772"},{"name":"CVE-2025-43826","url":"https://www.cve.org/CVERecord?id=CVE-2025-43826"},{"name":"CVE-2025-62237","url":"https://www.cve.org/CVERecord?id=CVE-2025-62237"},{"name":"CVE-2025-43817","url":"https://www.cve.org/CVERecord?id=CVE-2025-43817"},{"name":"CVE-2025-62275","url":"https://www.cve.org/CVERecord?id=CVE-2025-62275"},{"name":"CVE-2023-3426","url":"https://www.cve.org/CVERecord?id=CVE-2023-3426"},{"name":"CVE-2025-62251","url":"https://www.cve.org/CVERecord?id=CVE-2025-62251"},{"name":"CVE-2024-25605","url":"https://www.cve.org/CVERecord?id=CVE-2024-25605"},{"name":"CVE-2024-25603","url":"https://www.cve.org/CVERecord?id=CVE-2024-25603"},{"name":"CVE-2023-47795","url":"https://www.cve.org/CVERecord?id=CVE-2023-47795"},{"name":"CVE-2025-43799","url":"https://www.cve.org/CVERecord?id=CVE-2025-43799"},{"name":"CVE-2025-43802","url":"https://www.cve.org/CVERecord?id=CVE-2025-43802"},{"name":"CVE-2025-43782","url":"https://www.cve.org/CVERecord?id=CVE-2025-43782"},{"name":"CVE-2025-62264","url":"https://www.cve.org/CVERecord?id=CVE-2025-62264"},{"name":"CVE-2024-25149","url":"https://www.cve.org/CVERecord?id=CVE-2024-25149"},{"name":"CVE-2025-62265","url":"https://www.cve.org/CVERecord?id=CVE-2025-62265"},{"name":"CVE-2025-43764","url":"https://www.cve.org/CVERecord?id=CVE-2025-43764"},{"name":"CVE-2025-43771","url":"https://www.cve.org/CVERecord?id=CVE-2025-43771"},{"name":"CVE-2024-25606","url":"https://www.cve.org/CVERecord?id=CVE-2024-25606"},{"name":"CVE-2024-25608","url":"https://www.cve.org/CVERecord?id=CVE-2024-25608"},{"name":"CVE-2025-43761","url":"https://www.cve.org/CVERecord?id=CVE-2025-43761"},{"name":"CVE-2025-43803","url":"https://www.cve.org/CVERecord?id=CVE-2025-43803"},{"name":"CVE-2025-43823","url":"https://www.cve.org/CVERecord?id=CVE-2025-43823"},{"name":"CVE-2022-45320","url":"https://www.cve.org/CVERecord?id=CVE-2022-45320"},{"name":"CVE-2021-29050","url":"https://www.cve.org/CVERecord?id=CVE-2021-29050"},{"name":"CVE-2024-25602","url":"https://www.cve.org/CVERecord?id=CVE-2024-25602"},{"name":"CVE-2024-25152","url":"https://www.cve.org/CVERecord?id=CVE-2024-25152"},{"name":"CVE-2025-43815","url":"https://www.cve.org/CVERecord?id=CVE-2025-43815"},{"name":"CVE-2025-43770","url":"https://www.cve.org/CVERecord?id=CVE-2025-43770"},{"name":"CVE-2025-62238","url":"https://www.cve.org/CVERecord?id=CVE-2025-62238"},{"name":"CVE-2025-43754","url":"https://www.cve.org/CVERecord?id=CVE-2025-43754"},{"name":"CVE-2025-43786","url":"https://www.cve.org/CVERecord?id=CVE-2025-43786"},{"name":"CVE-2024-11993","url":"https://www.cve.org/CVERecord?id=CVE-2024-11993"},{"name":"CVE-2025-62241","url":"https://www.cve.org/CVERecord?id=CVE-2025-62241"},{"name":"CVE-2025-62253","url":"https://www.cve.org/CVERecord?id=CVE-2025-62253"},{"name":"CVE-2025-43812","url":"https://www.cve.org/CVERecord?id=CVE-2025-43812"},{"name":"CVE-2025-43750","url":"https://www.cve.org/CVERecord?id=CVE-2025-43750"},{"name":"CVE-2024-25601","url":"https://www.cve.org/CVERecord?id=CVE-2024-25601"},{"name":"CVE-2024-25610","url":"https://www.cve.org/CVERecord?id=CVE-2024-25610"},{"name":"CVE-2025-43821","url":"https://www.cve.org/CVERecord?id=CVE-2025-43821"},{"name":"CVE-2024-25604","url":"https://www.cve.org/CVERecord?id=CVE-2024-25604"},{"name":"CVE-2025-62248","url":"https://www.cve.org/CVERecord?id=CVE-2025-62248"},{"name":"CVE-2025-43822","url":"https://www.cve.org/CVERecord?id=CVE-2025-43822"},{"name":"CVE-2025-62276","url":"https://www.cve.org/CVERecord?id=CVE-2025-62276"},{"name":"CVE-2025-43788","url":"https://www.cve.org/CVERecord?id=CVE-2025-43788"},{"name":"CVE-2025-43766","url":"https://www.cve.org/CVERecord?id=CVE-2025-43766"},{"name":"CVE-2025-43781","url":"https://www.cve.org/CVERecord?id=CVE-2025-43781"},{"name":"CVE-2025-43824","url":"https://www.cve.org/CVERecord?id=CVE-2025-43824"},{"name":"CVE-2025-62249","url":"https://www.cve.org/CVERecord?id=CVE-2025-62249"},{"name":"CVE-2025-43789","url":"https://www.cve.org/CVERecord?id=CVE-2025-43789"},{"name":"CVE-2025-62243","url":"https://www.cve.org/CVERecord?id=CVE-2025-62243"},{"name":"CVE-2023-47797","url":"https://www.cve.org/CVERecord?id=CVE-2023-47797"},{"name":"CVE-2025-43759","url":"https://www.cve.org/CVERecord?id=CVE-2025-43759"},{"name":"CVE-2025-43827","url":"https://www.cve.org/CVERecord?id=CVE-2025-43827"},{"name":"CVE-2024-25147","url":"https://www.cve.org/CVERecord?id=CVE-2024-25147"},{"name":"CVE-2025-43767","url":"https://www.cve.org/CVERecord?id=CVE-2025-43767"},{"name":"CVE-2025-43790","url":"https://www.cve.org/CVERecord?id=CVE-2025-43790"},{"name":"CVE-2025-62240","url":"https://www.cve.org/CVERecord?id=CVE-2025-62240"},{"name":"CVE-2024-26270","url":"https://www.cve.org/CVERecord?id=CVE-2024-26270"},{"name":"CVE-2025-43810","url":"https://www.cve.org/CVERecord?id=CVE-2025-43810"},{"name":"CVE-2025-43795","url":"https://www.cve.org/CVERecord?id=CVE-2025-43795"},{"name":"CVE-2024-26265","url":"https://www.cve.org/CVERecord?id=CVE-2024-26265"},{"name":"CVE-2025-43768","url":"https://www.cve.org/CVERecord?id=CVE-2025-43768"},{"name":"CVE-2025-43775","url":"https://www.cve.org/CVERecord?id=CVE-2025-43775"},{"name":"CVE-2025-62244","url":"https://www.cve.org/CVERecord?id=CVE-2025-62244"}],"links":[{"title":"Bulletins de s\u00e9curit\u00e9 de Liferay","url":"https://liferay.dev/portal/security/known-vulnerabilities"}],"reference":"CERTFR-2025-AVI-0954","revisions":[{"description":"Version initiale","revision_date":"2025-11-03T00:00:00.000000"},{"description":"R\u00e9gularisation des identifiants CVE pr\u00e9sents sur le site de l'\u00e9diteur.","revision_date":"2025-11-14T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Liferay. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur.","title":"Multiples vuln\u00e9rabilit\u00e9s dans Liferay","vendor_advisories":[{"published_at":"2025-11-01","title":"Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62275-1","url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62275-1"},{"published_at":"2025-10-31","title":"Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62276","url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62276"},{"published_at":"2025-10-31","title":"Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62264","url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62264"},{"published_at":"2025-10-31","title":"Bulletin de s\u00e9curit\u00e9 Liferay cve-2025-62267","url":"https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2025-62267"}]}