Skip to main content

Jboss Web Framework Kit

4 CVEs product

Monthly

CVE-2014-0248 MEDIUM This Month

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Code Injection Red Hat Jboss Enterprise Application Platform Jboss Enterprise Web Platform +1
NVD
CVSS 2.0
6.8
EPSS
2.3%
CVE-2014-0149 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Red Hat Jboss Web Framework Kit
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0086 Maven MEDIUM POC PATCH This Month

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Java Jboss Web Framework Kit Richfaces
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-2165 Maven HIGH PATCH Act Now

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.1%.

Red Hat Privilege Escalation Java Deserialization RCE +8
NVD
CVSS 2.0
7.5
EPSS
24.1%
EPSS 2% CVSS 6.8
MEDIUM This Month

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Code Injection Red Hat +3
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss Web Framework Kit 2.5.0 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter or (2) id name. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Red Hat Jboss Web Framework Kit
NVD VulDB
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Java Jboss Web Framework Kit +1
NVD GitHub VulDB
EPSS 24% CVSS 7.5
HIGH PATCH Act Now

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.1%.

Red Hat Privilege Escalation Java +10
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy