GCVE - cpe:2.3:a:eclipse:glassfish:7.0.15:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:eclipse:glassfish:7.0.15:*:*:*:*:*:*:*

part: a version: 7.0.15 update: *

Vendor	Eclipse (`fa988180-604e-5c1f-93ea-65b5297000fc`)
Product	Glassfish (`3ed658dd-1a46-5076-aec6-4bc3a9429438`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/glassfish`	purl2cpe	2026-06-01 10:15:03.046229
`pkg:github/eclipse-ee4j/glassfish`	purl2cpe	2026-06-01 10:15:03.046231
`pkg:golang/github.com/eclipse-ee4j/glassfish`	purl2cpe	2026-06-01 10:15:03.046232

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-9343`	vulnerable	2026-06-03 14:58:21.038880	Details available In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console. Published: 2025-07-16T10:47:55.853Z Updated: 2025-07-16T14:39:10.179Z Open on db.gcve.eu Reference links https://gitlab.eclipse.org/security/cve-assignement/-/issues/37	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10032`	vulnerable	2026-06-03 14:54:04.779525	Details available In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console. Published: 2025-07-16T11:07:55.848Z Updated: 2025-07-16T14:38:55.074Z Open on db.gcve.eu Reference links https://gitlab.eclipse.org/security/cve-assignement/-/issues/42	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10031`	vulnerable	2026-06-03 14:54:04.779192	Details available In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system. Published: 2025-07-16T11:02:51.419Z Updated: 2025-07-16T14:38:59.823Z Open on db.gcve.eu Reference links https://gitlab.eclipse.org/security/cve-assignement/-/issues/41	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10029`	vulnerable	2026-06-03 14:54:04.778618	Details available In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console. Published: 2025-07-16T10:55:35.408Z Updated: 2025-07-16T14:39:05.571Z Open on db.gcve.eu Reference links https://gitlab.eclipse.org/security/cve-assignement/-/issues/40	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.