Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Web Server

GlassFish

GlassFish is an open-source application server project started by Sun Microsystems for the Java EE platform then sponsored by Oracle Corporation and now living at the Eclipse Foundation and supported by Payara Oracle and Red Hat.

Official Site:

https://javaee.github.io/glassfish/

Severity Summary:

Critical: 6 High: 10 Medium: 20 Low: 4
Reference
Title
Severity
CVE-2016-3607
GlassFish Vulnerability
Critical
CVE-2015-7182
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Critical
CVE-2018-14324
GlassFish Use of Hard-coded Credentials Vulnerability
Critical
CVE-2017-1000030
GlassFish Improper Authentication Vulnerability
Critical
CVE-2016-5528
GlassFish Vulnerability
Critical
CVE-2011-0807
GlassFish Vulnerability
Critical
CVE-2017-3249
GlassFish Vulnerability
High
CVE-2016-1950
GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2018-3152
GlassFish Vulnerability
High
CVE-2011-3559
GlassFish Vulnerability
High
CVE-2016-5519
GlassFish Vulnerability
High
CVE-2017-3250
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2017-1000028
GlassFish Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2017-1000029
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2017-10391
GlassFish Vulnerability
High
CVE-2018-2911
GlassFish Vulnerability
High
CVE-2012-0551
GlassFish Vulnerability
Medium
CVE-2009-1553
GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2010-4438
GlassFish Vulnerability
Medium
CVE-2008-5266
GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-5035
GlassFish Improper Input Validation Vulnerability
Medium
CVE-2008-2751
GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-3314
GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-0104
GlassFish Vulnerability
Medium
CVE-2012-0550
GlassFish Vulnerability
Medium
CVE-2018-3210
GlassFish Vulnerability
Medium
CVE-2012-3155
GlassFish Vulnerability
Medium
CVE-2013-1508
GlassFish Vulnerability
Medium
CVE-2015-3237
GlassFish Improper Input Validation Vulnerability
Medium
CVE-2016-3608
GlassFish Vulnerability
Medium