VulnerableCode Package Details - pkg:maven/com.sun.faces/jsf-impl@2.2.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.sun.faces/jsf-impl@2.2.6

Essentials
History (4)

purl	pkg:maven/com.sun.faces/jsf-impl@2.2.6

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-s1tt-jj2t-5yc9	XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions This package does not perform appropriate encoding when a `<h:outputText>` tag or EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.	CVE-2013-5855 GHSA-3m3r-82gc-53mj

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:31:44.927365+00:00	GitLab Importer	Fixing	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.4.0
2026-04-11T21:42:06.789945+00:00	GitLab Importer	Fixing	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.3.0
2026-04-02T21:56:17.039983+00:00	GitLab Importer	Fixing	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.1.0
2026-04-01T12:46:53.630644+00:00	GitLab Importer	Fixing	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.0.0