GHSA-XFXV-F945-4QV6 JBoss RichFaces Improper Input Validation vulnerability

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

JVN#38787103: JBoss RichFaces vulnerable to remote code execution

JBoss RichFaces is a framework for integrating Ajax into web applications. JBoss RichFaces applications contain a deserialization interface where end users may provide input. This interface may deserialize untrusted data, which may lead to arbitrary code execution. Impact When specially crafted...