Skip to content

[glassfish] Glassfish SSRF vulnerability in /download/log endpoint

The Eclipse Foundation is a Common Vulnerabilities and Exposures (CVE) Numbering Authority. This issue it used to request and track the progress of the assignment of a CVE for a vulnerability in the project code for an Eclipse open source project.

Basic information

Project name: Eclipse Glassfish

Project id: ee4j.glassfish

Request type: reservation/publication

Versions affected: {versions}

Common Weakness Enumeration:

Common Vulnerability Scoring System: {cvss}

Summary:

In {name} versions {versions}, ...

Links:

  • {primary resolution link}
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent