Eclipse Glassfish
By the Year
In 2024 there have been 0 vulnerabilities in Eclipse Glassfish . Last year Glassfish had 2 security vulnerabilities published. Right now, Glassfish is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 2 | 8.65 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Glassfish vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Eclipse Glassfish Security Vulnerabilities
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191)
CVE-2023-5763
9.8 - Critical
- November 03, 2023
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.
Improper Control of Dynamically-Managed Code Resources
In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal
CVE-2022-2712
7.5 - High
- January 27, 2023
In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Eclipse Glassfish or by Eclipse? Click the Watch button to subscribe.
