7 matches found
EUVD-2023-0320
Malicious code in bioql PyPI...
EUVD-2024-2827
Malicious code in bioql PyPI...
EUVD-2024-2746
Malicious code in bioql PyPI...
CVE-2024-9408
In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints...
CVE-2024-9408
Eclipse GlassFish 6.2.5 and later is affected by an SSRF vulnerability in specific endpoints due to insufficient validation of user-supplied URLs. The issue allows the server to initiate arbitrary network requests to internal or external resources. Public sources (including NVD, Red Hat, Veracode...
CVE-2024-9343
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...
PT-2023-12896 · Eclipse · Eclipse Glassfish
Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish versions 5.1.0 through 6.2.5 Description: The issue is related to relative path traversal, where the software does not filter request paths starting with './'. This could allow a remote unauthenticated attacker to access...