VulnerableCode Package Details - pkg:maven/com.sun.faces/jsf-impl@2.1.7-06

Search for packages

Vulnerability	Summary	Fixed by
VCID-mgny-35f9-1qg4 Aliases: CVE-2013-3827 GHSA-q388-j7cw-ff7w	XML External Entity (XXE) injection This package allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.	2.1.19 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-s1tt-jj2t-5yc9 Aliases: CVE-2013-5855 GHSA-3m3r-82gc-53mj	XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions This package does not perform appropriate encoding when a `<h:outputText>` tag or EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.	2.2.6 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mgny-35f9-1qg4
Aliases:
CVE-2013-3827
GHSA-q388-j7cw-ff7w

XML External Entity (XXE) injection This package allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.

2.1.19
Affected by 1 other vulnerability.

VCID-s1tt-jj2t-5yc9
Aliases:
CVE-2013-5855
GHSA-3m3r-82gc-53mj

XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions This package does not perform appropriate encoding when a `<h:outputText>` tag or EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.

2.2.6
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:31:44.682804+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.4.0
2026-04-16T20:30:55.247445+00:00	GitLab Importer	Affected by	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.4.0
2026-04-11T21:42:06.541557+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.3.0
2026-04-11T21:41:18.936555+00:00	GitLab Importer	Affected by	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.3.0
2026-04-02T21:56:16.811672+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.1.0
2026-04-02T21:55:29.661315+00:00	GitLab Importer	Affected by	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.1.0
2026-04-01T16:13:26.085305+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.0.0
2026-04-01T16:12:42.887107+00:00	GitLab Importer	Affected by	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.0.0