CVE-2017-1000486 on PrimeFaces 6.2 ?

UI Components for JSF
Post Reply
Posts: 1
Joined: 05 Dec 2018, 19:48

05 Dec 2018, 19:58

we are upgrading our PrimeFaces 6.1 installation due to CVE-2017-1000486 vulnerability.
We think that the problem has been solved by this commit ... e8772fd3d9
and already fixed in community 6.2 version.

Can you confirm that you think this version is not affected by CVE-2017-1000486 ?


PrimeFaces Core Developer
Posts: 3554
Joined: 03 Dec 2010, 14:11
Location: Bavaria, DE

06 Dec 2018, 10:20

Always Bet On Prime (+ Extensions)!

Thomas Andraschko
PrimeFaces Developer | PrimeFaces Extensions Founder
Apache OpenWebBeans PMC | Apache DeltaSpike PMC | Apache MyFaces PMC

Personal Blog:

Post Reply

Return to “PrimeFaces”

  • Information
  • Who is online

    Users browsing this forum: Baidu [Spider] and 12 guests