Org.richfaces:richfaces-core
This hub aggregates every CVE we track for Org.richfaces:richfaces-core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
3
Critical
0
High
1
In CISA KEV
Severity distribution
CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Org.richfaces:richfaces-core.
- CVE-2018-14667The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitra...KEV9.8
- CVE-2018-12533JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an o...9.8
- CVE-2018-12532JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResourc...9.8
Product normalization is registry-driven with AI assist and human review. How it works