VYPR

Glassfish

by Oracle Corporation

Source repositories

CVEs (3)

  • CVE-2018-14324CriJul 16, 2018
    risk 0.64cvss 9.8epss 0.04

    The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX…

  • CVE-2011-5035Dec 30, 2011
    risk 0.09cvss epss 0.69

    Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which…

  • CVE-2010-4438Jan 19, 2011
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS).