vulnerability-reports

[Eclipse Mosquitto] Integer Underflow in PROXY v2 SSL TLV Parser (CWE-191)

#551 · created Jun 23, 2026 by Gustavo Lima statusawaiting_project vulnerabilityunconfirmed
updated Jun 23, 2026
[Eclipse Langium] Prototype pollution in langium Module.merge()

#540 · created Jun 22, 2026 by Lukas Pühringer From_ML vulnerabilityregular_bug
- +5
- 8
updated Jun 23, 2026
Glassfish SSRF vulnerability in /download/log endpoint

#239 · created Sep 09, 2024 by Thomas Neidhart From_ML cvereserved intentionally-public vulnerabilityunconfirmed
- +6
- 33
updated Jun 15, 2026
Glassfish cross-side scripting in uploadFrame.jsf

#230 · created Jul 22, 2024 by Marta Rybczynska intentionally-public statusawaiting_project vulnerabilityconfirmed
- +6
- 22
updated Jun 15, 2026
Glasshfish cross-side scripting in auth-realm/admin-realm/list-users

#229 · created Jul 22, 2024 by Marta Rybczynska cvereserved intentionally-public statusawaiting_release vulnerabilityconfirmed
- +6
- 22
updated Jun 15, 2026
Glassfish cross-side scripting in standaloneInstanceConfigProperties.jsf

#228 · created Jul 22, 2024 by Marta Rybczynska cvereserved intentionally-public statusawaiting_project vulnerabilityconfirmed
- +6
- 22
updated Jun 15, 2026
Glassfish cross-side scripting in instanceName

#226 · created Jul 16, 2024 by Marta Rybczynska cvereserved intentionally-public statusawaiting_release vulnerabilityconfirmed
- +7
- 32
- 1
updated Jun 15, 2026

Copyright © Eclipse Foundation AISBL. All rights reserved. Privacy Policy | Terms of Use | Copyright Agent