Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
org.glassfish.main.distributions/glassfish… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
org.glassfish.main.distributions
glassfish
8.0.1
glassfish 8.0.1
Latest
org.glassfish.main.distributions
Published
Mar 25, 2026
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
84
Versions
84
Vulnerabilities
20
Vulnerabilities
20
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(9)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
5.4
CVE-2024-10032
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
affected
Severity
Medium
Published
Jul 28, 2025
6.1
CVE-2024-9343
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
affected
Severity
Medium
Published
Jul 28, 2025
6.1
CVE-2024-10029
In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console.
affected
Severity
Medium
Published
Jul 18, 2025
5.5
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
affected
Severity
Medium
5.5
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected.
affected
Severity
Medium
Published
Jul 15, 2021
6.1
CVE-2021-3314
Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
affected
Severity
Medium
Published
Jun 29, 2021
6.3
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
affected
Severity
Medium
4.2
CVE-2020-1732
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.
affected
Severity
Medium
Published
Mar 10, 2020
6.5
sonatype-2018-0330
Apache Ant - Path Traversal issue in archive extraction
affected
Severity
Medium
Published
Oct 11, 2018
Published
Jul 15, 2021
Published
May 18, 2020
