CVE-2022-2712

In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed appl...

CVE-2024-8646

In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed.This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish.This vulnerability only affects applications that are explicitly deployed to the root...