VYPR

Maven package

org.glassfish.main.web/web

pkg:maven/org.glassfish.main.web/web

Vulnerabilities (1)

  • CVE-2022-2712Jan 27, 2023
    affected >= 5.1.0, < 7.0.0fixed 7.0.0

    In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration file