Glassfish | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Kategori: Glassfish - CVE listesi
PRODUCT 6 kayıt
High CVSS: 8.9

CVE-2024-9408

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.
Medium CVSS: 6.1

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
Medium CVSS: 6.3

CVE-2024-9342

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts.
Medium CVSS: 6.1

CVE-2024-10032

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
Medium CVSS: 5.8

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system.
Medium CVSS: 4.5

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console.