CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Eclipse: >> Glassfish Security Vulnerabilities

CVE-2023-5763

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.

CVSS Score

6.8

EPSS Score

0.002

Published

2023-11-03

CVE-2022-2712

In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code.

CVSS Score

6.5

EPSS Score

0.006

Published

2023-01-27

Page 2

Vulnerabilities

Vulnerable Software

Eclipse: >> Glassfish Security Vulnerabilities

Products

Pricing

Contact Us