Maven package
org.glassfish.main.web/web
pkg:maven/org.glassfish.main.web/web
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2712 | — | >= 5.1.0, < 7.0.0 | 7.0.0 | Jan 27, 2023 | In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration file |
- CVE-2022-2712Jan 27, 2023affected >= 5.1.0, < 7.0.0fixed 7.0.0
In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration file