Description
PrimeFaces 6.2+ p:fileUpload
When used in concert with Liferay Faces Bridge, PrimeFaces 6.2+ p:fileUpload file upload validation can be bypassed, allowing very large files to be uploaded, which may be used in a denial-of-service (DoS) attack.
This vulnerability affects com.liferay.faces.bridge.impl-4.1.2 and com.liferay.faces.bridge.impl-4.1.1 versions which are compatible with:
- Liferay Portal 6.2
- Liferay Portal 7.0
- Liferay Portal 7.1
- Pluto Portal 2.0
RichFaces rich:fileUpload
When used in concert with Liferay Faces Bridge, RichFaces rich:fileUpload file upload validation can be bypassed, allowing very large files to be uploaded, which may be used in a denial-of-service (DoS) attack.
This vulnerability affects com.liferay.faces.bridge.impl-4.1.2 and all previous 4.x versions which are compatible with:
- Liferay Portal 6.2
- Liferay Portal 7.0
- Liferay Portal 7.1
- Pluto Portal 2.0
This vulnerability affects com.liferay.faces.bridge.impl-3.1.0 and all previous 3.x versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-4.2.5-ga6 and all previous 4.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.2.5-ga6 and all previous 3.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.1.5-ga6 and all previous 3.1.x-ga versions which are compatible with:
- Liferay Portal 6.1
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.0.5-ga6 and all previous 3.0.x-ga versions which are compatible with:
- Liferay Portal 6.0
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.0.5-legacy-ga6 and all previous 3.0.x-legacy-ga versions which are compatible with:
- Liferay Portal 5.2
- Pluto Portal 2.0
com.liferay.faces.bridge.uploadedFileMaxSize with IceFaces ace:fileEntry
When used in concert with Liferay Faces Bridge, the file upload validation provided by the com.liferay.faces.bridge.uploadedFileMaxSize context parameter can be bypassed for IceFaces ace:fileEntry, allowing very large files to be uploaded, which may be used in a denial-of-service (DoS) attack.
This vulnerability affects com.liferay.faces.bridge.impl-4.1.2 and all previous 4.x versions which are compatible with:
- Liferay Portal 6.2
- Liferay Portal 7.0
- Liferay Portal 7.1
- Pluto Portal 2.0
This vulnerability affects com.liferay.faces.bridge.impl-3.1.0 and all previous 3.x versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-4.2.5-ga6 and all previous 4.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.2.5-ga6 and all previous 3.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.1.5-ga6 and all previous 3.1.x-ga versions which are compatible with:
- Liferay Portal 6.1
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.0.5-ga6 and all previous 3.0.x-ga versions which are compatible with:
- Liferay Portal 6.0
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.0.5-legacy-ga6 and all previous 3.0.x-legacy-ga versions which are compatible with:
- Liferay Portal 5.2
- Pluto Portal 2.0
com.liferay.faces.util.uploadedFileMaxSize with alloy:inputFile in Portlets
When used in concert with Liferay Faces Bridge, the file upload validation provided by the com.liferay.faces.util.uploadedFileMaxSize context parameter can be bypassed for Alloy alloy:inputFile, allowing very large files to be uploaded, which may be used in a denial-of-service (DoS) attack.
This vulnerability affects com.liferay.faces.bridge.impl-4.1.2 and all previous 4.x versions which are compatible with:
- Liferay Portal 6.2
- Liferay Portal 7.0
- Liferay Portal 7.1
- Pluto Portal 2.0
This vulnerability affects com.liferay.faces.bridge.impl-3.1.0 and all previous 3.x versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-4.2.5-ga6 and all previous 4.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
This vulnerability affects liferay-faces-bridge-impl-3.2.5-ga6 and all previous 3.2.x-ga versions which are compatible with:
- Liferay Portal 6.2
- Pluto Portal 2.0
IceFaces 1.8 ice:inputFile
Please also note that if you are using IceFaces 1.8 ice:inputFile with Liferay Portal, the com.liferay.faces.bridge.uploadedFileMaxSize and com.liferay.faces.util.uploadedFileMaxSize context parameters will not provide validation. IceFaces 1.8 provides its own bridge-like mechanism, so Liferay Faces cannot provide file upload validation. Please use the IceFaces 1.8 com.icesoft.faces.uploadMaxFileSize parameter to prevent very large files from being uploaded with IceFaces 1.8.
Severity
Severity 2
Notes
To install, place the patch in the WEB-INF/lib directory of each of your Liferay Faces WARs.
The dependency can be included via Maven, Gradle, or Ivy.
In a Maven project pom.xml <dependencies> section, add the following <dependency>:
<dependency>
    <groupId>com.liferay.faces.patches</groupId>
    <artifactId>com.liferay.faces.lsv.485.patch</artifactId>
    <version>1.0.0</version>
</dependency>
In a Gradle project build.gradle dependencies section, add the following dependency:
compile group: 'com.liferay.faces.patches', name: 'com.liferay.faces.lsv.485.patch', version: '1.0.0'
In an Ant-Ivy project ivy.xml
<dependency org="com.liferay.faces.patches" name="com.liferay.faces.lsv.485.patch" rev="1.0.0" />
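One way to confirm the installation step across many deployments is to check each WAR's WEB-INF/lib for a Liferay Faces Bridge implementation JAR and for the patch JAR. The following is an added example, not code from this advisory or from Liferay; the function names are hypothetical, and it assumes the patch JAR keeps the usual Maven artifactId-version.jar file name.

```python
import io
import re
import zipfile

# Bridge implementation JAR names as written in this advisory, e.g.
# com.liferay.faces.bridge.impl-4.1.2 and liferay-faces-bridge-impl-4.2.5-ga6.
BRIDGE_JAR = re.compile(
    r"^WEB-INF/lib/(?:com\.liferay\.faces\.bridge\.impl|liferay-faces-bridge-impl)-(.+)\.jar$"
)
# Assumption: the patch JAR is named <artifactId>-<version>.jar (Maven convention).
PATCH_JAR = re.compile(r"^WEB-INF/lib/com\.liferay\.faces\.lsv\.485\.patch-.+\.jar$")


def audit_war(war):
    """Return (bridge_versions, patched) for a WAR path or file-like object."""
    with zipfile.ZipFile(war) as zf:
        names = zf.namelist()
    versions = [m.group(1) for m in map(BRIDGE_JAR.match, names) if m]
    patched = any(PATCH_JAR.match(n) for n in names)
    return versions, patched


def needs_patch(war):
    """True when the WAR bundles the bridge implementation but not the patch."""
    versions, patched = audit_war(war)
    return bool(versions) and not patched


def sample_war(jars):
    """Build a constructed in-memory WAR whose WEB-INF/lib holds empty JARs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WEB-INF/web.xml", "<web-app/>")
        for jar in jars:
            zf.writestr("WEB-INF/lib/" + jar, b"")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # Constructed sample WARs; replace with real paths such as "my-portlet.war".
    samples = {
        "unpatched.war": ["com.liferay.faces.bridge.impl-4.1.2.jar"],
        "patched.war": ["liferay-faces-bridge-impl-3.2.5-ga6.jar",
                        "com.liferay.faces.lsv.485.patch-1.0.0.jar"],
    }
    for name, jars in samples.items():
        versions, patched = audit_war(sample_war(jars))
        print(name, "bridge:", versions, "patched:", patched)
```

The check only reports what is bundled inside the WAR; it does not decide whether a given bridge version falls in the affected ranges listed above.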
Publication date: Tue, 27 Aug 2019 21:46:00 +0000