Glassfish Security Vulnerabilities and Issues — Glassfish CVE List

Lucene search

EclipseGlassfish

6 matches found

CVE•added 2025/07/16 11:15 a.m.•6 views

CVE-2024-10032

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.4AI score0.00025EPSS

CVE•added 2025/07/16 11:15 a.m.•5 views

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.6AI score0.00027EPSS

CVE•added 2025/07/16 11:15 a.m.•5 views

CVE-2024-9342

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts.

9.8CVSS7.1AI score0.00041EPSS

CVE•added 2025/07/16 11:15 a.m.•5 views

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.4AI score0.00027EPSS

CVE•added 2025/07/16 12:15 p.m.•5 views

CVE-2024-9408

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.

9.8CVSS6.6AI score0.00051EPSS

CVE•added 2025/07/16 11:15 a.m.•4 views

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scriptingattacks by modifying the configuration file in the underlying operating system.

5.8CVSS6.4AI score0.00021EPSS