CVE-2024-9408

Severity CVSS v4.0:
HIGH
Type:
CWE-918 Server-Side Request Forgery (SSRF)
Publication date:
16/07/2025
Last modified:
16/07/2025

Description

In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:eclipse:glassfish:6.2.5:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools