2 matches found
GHSA-XFXV-F945-4QV6 JBoss RichFaces Improper Input Validation vulnerability
The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...
Tufin Secure Change Remote Code Execution Exploit
Tufin SecureChange uses Richfaces version 4.3.5 which suffers from a remote code execution vulnerability. Product: Secure Change Vendor: Tufin Subject: Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 unauthenticated RCE CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H base score...