org.primefaces:primefaces@5.2 vulnerabilities
-
latest version
14.0.0
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
15 days ago
-
licenses detected
- [4.0,7.0)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.primefaces:primefaces package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attribute How to fix Cross-site Scripting (XSS)? Upgrade |
[0,12.0.0-RC1)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attribute How to fix Cross-site Scripting (XSS)? Upgrade |
[0,12.0.0-RC1)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attributes How to fix Cross-site Scripting (XSS)? Upgrade |
[0,12.0.0-RC1)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attribute How to fix Cross-site Scripting (XSS)? Upgrade |
[0,12.0.0-RC1)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the attribute How to fix Cross-site Scripting (XSS)? Upgrade |
[0,12.0.0-RC1)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in How to fix Cross-site Scripting (XSS)? Upgrade |
[0,8.0)
|
org.primefaces:primefaces is an ultimate component suite for JavaServer Faces. Affected versions of this package are vulnerable to Information Exposure because How to fix Information Exposure? Upgrade |
[0,7.0.RC1)
|
Affected versions of [ How to fix Cross-site Scripting (XSS)? Upgrade |
[,6.2)
|
Affected versions of [ How to fix Cross-site Scripting (XSS)? Upgrade |
[,6.2)
|
Affected versions of this package are vulnerable to Arbitrary Code Execution due to a weak encryption flaw. An unauthenticated user may be able to inject arbitrary Expression Language code to the How to fix Arbitrary Code Execution? Upgrade |
[5.0,6.0)
|