Vulnerabilities > Apache > Myfaces > 2.0.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-08 | CVE-2011-4343 | Information Exposure vulnerability in Apache Myfaces Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters. | 5.0 |
2014-06-19 | CVE-2011-4367 | Path Traversal vulnerability in Apache Myfaces Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. | 5.0 |