Security Advisory

CVE-2022-2712

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-27 00:00:00

Last updated 2025-03-27 18:48:26

Assigner eclipse

State PUBLISHED

Description

In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with ./. Successful exploitation could allow an remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code.

← Browse all CVEs View on cve.org ↗