VYPR

Richfaces

by Red Hat

CVEs (3)

  • CVE-2013-2165Jul 23, 2013
    risk 0.01cvss epss 0.13

    ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through…

  • CVE-2015-0279Mar 26, 2015
    risk 0.00cvss epss 0.04

    JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.

  • CVE-2014-0086Mar 31, 2014
    risk 0.00cvss epss 0.01

    The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a large number of malformed atmosphere push requests.