VYPR
Moderate severityNVD Advisory· Published Mar 31, 2014· Updated Jun 17, 2026

CVE-2014-0086

CVE-2014-0086

Description

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.richfaces:richfacesMaven
>= 4.3.4, <= 4.3.5
org.richfaces:richfacesMaven
>= 5.0.0.Alpha1, < 5.0.0.Alpha35.0.0.Alpha3

Affected products

7
  • cpe:2.3:a:redhat:jboss_web_framework_kit:2.5.0:*:*:*:*:*:*:*
  • Red Hat/Richfaces5 versions
    cpe:2.3:a:redhat:richfaces:4.3.4:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:redhat:richfaces:4.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:richfaces:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:richfaces:5.0.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:redhat:richfaces:5.0.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:redhat:richfaces:5.0.0:alpha3:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 4.3.4, <= 4.3.5

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.