CVSS: 7.5EPSS: 93%CPEs: 1EXPL: 6CVE-2017-1000028 – Oracle Glassfish OSE 4.1 - Path Traversal
https://notcve.org/view.php?id=CVE-2017-1000028
13 Jul 2017 — Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request. Oracle, GlassFish Server Open Source Edition versión 4.1 es vulnerable a directorios identificados y no autorizados, que puede operarse emitiendo una petición GET de HTTP especialmente creada. • https://packetstorm.news/files/id/148892 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2010-4438
https://notcve.org/view.php?id=CVE-2010-4438
19 Jan 2011 — Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS). Vulnerabilidad no especificada en Oracle GlassFish v2.1, v2.1.1 y v3.0.1, y Java System Message Queue v4.1 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad, relacionado con Java Message Service (JMS). • http://osvdb.org/70572 •