Security

Volver a Security Alert

[LES] Elastic's Response to Log4j Exploit (CVE-2021-44228)
ClamAV HFS+ Aviso de seguridad: CVE-2023-20032
Dec 16 Liferay’s Update about Log4j vulnerabilities CVE-2021-4104, CVE-2021-44228 and CVE-2021-45046
Dec 18 Liferay’s Update about Log4j CVE-2021-45105
Delayed: Disabling TLS 1.0 for Inbound Traffic on Liferay Services and Websites
Disabling TLS 1.0 for Inbound Traffic on Liferay Services and Websites
Elasticsearch and Liferay Enterprise Search Security Advisory: 2018 November
Elasticsearch and Liferay Enterprise Search Security Advisory: April 2, 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: April 28, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: April 7, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: August 23, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: August 5, 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: Dec 11, 2021 (Log4j2, CVE-2021-44228, CVE-2021-45046,CVE-2021-45105)
Elasticsearch and Liferay Enterprise Search Security Advisory: February 2019
Elasticsearch and Liferay Enterprise Search Security Advisory: January 15, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: January 16, 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: July 12, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: July 23, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: June 2, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: June 4, 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: March 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: March 9, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: Nov 12, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: October 2019
Elasticsearch and Liferay Enterprise Search Security Advisory: October 22, 2020
Elasticsearch and Liferay Enterprise Search Security Advisory: Sept 2, 2021
Elasticsearch and Liferay Enterprise Search Security Advisory: September 2, 2020
Elastic Security Statement for CVE-2024-3094, xz versions 5.6.0 and 5.6.1
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-1364
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-23707
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-23708, CVE-2022-23709, CVE-2022-23710
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-23711
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-23713
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-38779
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2022-38900
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-1370
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-31414, CVE-2023-31415, CVE-2023-26486, CVE-2023-26487
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-31417
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-31418, CVE-2023-31419, CVE-2023-31422
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-46671, CVE-2023-46673
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2023-46675, CVE-2023-49921
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-12539
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-12556, CVE-2024-52974, CVE-2024-52980, CVE-2024-52981
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-23445, CVE-2024-37279, CVE-2024-37280, CVE-2024-23442, CVE-2024-23443, CVE-2024-2887, CVE-2024-37281, CVE-2024-37287, CVE-2024-23444
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-23446, CVE-2023-7024
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-23449
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-23450
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-37285, CVE-2024-37288
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-43706, CVE-2025-2135, CVE-2025-25012 (Kibana)
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-43709, CVE-2024-52973, CVE-2024-43710, CVE-2024-43707, CVE-2024-52972, CVE-2024-43708
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2025-25012
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2025-25014, CVE-2024-52979, CVE-2024-11390, CVE-2025-25016
Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2025-54988 and Elastic's Response to ‘EDR 0-Day Vulnerability’
Elastic Stack and Liferay Enterprise Search Security Advisory: Security Statement for OpenSSL CVE-2022-3786 and CVE-2022-3602, OpenSSL version 3.0.7
Elastic Stack and Liferay Enterprise Search Security Advisory: Security Statement for Oracle July Critical Patch Update CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2022-34169
Elastic Stack and Liferay Enterprise Search Security Advisory: Security Statement regarding CVE-2022-1471
Elastic Stack Security Advisory: CVE-2025-25009, CVE-2025-25017, CVE-2025-25018, CVE-2025-37727
Elastic Stack Security Advisory: CVE-2025-59840, CVE-2025-37731, CVE-2025-37732, CVE-2025-37734
Follow-Up Security Alert for LSV-412 and LSV-545
Jenkins Security Advisory 2024-01-24: CVE-2024-23897
Liferay Cloud Security Alert: June 2019
Liferay Enterprise Search Support Alert: Action Required by June 24 2019
Liferay SaaS Security Alert: March 2020
Liferay Security Alert: 2018 August
Liferay Security Alert: 2019 January
Liferay Security Alert: 2019 June
Liferay Security Alert: 2019 November
Liferay Security Alert: 2019 October
Liferay Security Alert: 2020 February
Liferay Security Alert: 2020 July
Liferay Security Alert: 2020 March
Liferay Security Alert: 2020 May
Liferay Security Alert: 2021 April
Liferay Security Alert: 2022 April
Liferay Security Alert: December 2018
Liferay Security Alert for Liferay DXP
Liferay’s Statement about CVE-2021-44228 (Log4j vulnerability)
Liferay’s Statement about recent Log4j vulnerabilities
Reminder: Follow-Up Security Alert for LSV-412 and LSV-545
Spring4Shell and Spring Cloud Security Advisory
TLS 1.0 Disabled for Inbound Traffic on Liferay Services and Websites
Update: Log4j Security Advisory

Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-37285, CVE-2024-37288

The following issues may affect your Liferay-Elastic stack.

announced, Liferay has disabled TLS 1.0 for inbound traffic on Liferay services and websites.

Please navigate to the Vulnerability Information Knowledge Base for a list of affected Liferay systems and services, as well as mitigation instructions for deployments.

As previously planned and

Cómo empezar

Ayuda del Portal del cliente

Liferay Learn

Base de conocimiento

Visión general de seguridad

Informes de seguridad

Release Notes

Actualizaciones del Portal del cliente

Descargas

Mis tickets

Abre un ticket

Escala un ticket

Cobertura de soporte

Servicios y compatibilidad

Contáctanos

Eventos de cliente

Security

Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-37285, CVE-2024-37288

announced, Liferay has disabled TLS 1.0 for inbound traffic on Liferay services and websites.

Please navigate to the Vulnerability Information Knowledge Base for a list of affected Liferay systems and services, as well as mitigation instructions for deployments.

© 2026 Liferay Inc. Todos los derechos reservados |

Política de cookies

Cómo empezar

Ayuda del Portal del cliente

Liferay Learn

Base de conocimiento

Visión general de seguridad

Informes de seguridad

Release Notes

Actualizaciones del Portal del cliente

Descargas

Mis tickets

Abre un ticket

Escala un ticket

Cobertura de soporte

Servicios y compatibilidad

Contáctanos

Eventos de cliente

Security

Elastic Stack and Liferay Enterprise Search Security Advisory: CVE-2024-37285, CVE-2024-37288

announced, Liferay has disabled TLS 1.0 for inbound traffic on Liferay services and websites. Please navigate to the Vulnerability InformationKnowledge Base for a list of affected Liferay systems and services, as well as mitigation instructions for deployments.

© 2026 Liferay Inc. Todos los derechos reservados |

Política de cookies

announced, Liferay has disabled TLS 1.0 for inbound traffic on Liferay services and websites.

Please navigate to the Vulnerability Information Knowledge Base for a list of affected Liferay systems and services, as well as mitigation instructions for deployments.