Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
org.glassfish.main.distributions/glassfish… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
org.glassfish.main.distributions
glassfish
8.0.1
glassfish 8.0.1
Latest
org.glassfish.main.distributions
Published
Mar 25, 2026
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
84
Versions
84
Vulnerabilities
20
Vulnerabilities
20
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(2)
High
(0)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
9.8
CVE-2018-14324
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a "jmx_rmi remote monitoring and control problem." NOTE: this is not an Oracle supported product.
affected
Severity
Critical
Published
Aug 2, 2018
9.8
CVE-2017-1000030
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.
affected
Severity
Critical
Published
Jun 22, 2017
