Description
In Liferay Portal 7.0.4 and earlier, when Xuggler is enabled for video conversion, a large number of temporary files may be created during video playback, which allows remote users to cause a denial of service (DoS) vulnerability (disk consumption).
Workaround: Disable integration with Xuggler
Severity
Severity 1
Fixed Version(s)
- Liferay Portal 7.0.5
- March 2020 source patch for Liferay Portal 6.2.5. Details for working with source patches can be found on the Patching Liferay Portal page.
Publication date: Tue, 03 Apr 2018 08:54:00 +0000