Eclipse · Eclipse Glassfish · CVE-2024-9408
**Name of the Vulnerable Software and Affected Versions**
Eclipse GlassFish versions 6.2.5 and later
**Description**
Eclipse GlassFish is susceptible to a Server Side Request Forgery (SSRF) attack affecting specific endpoints. SSRF occurs when an attacker can induce the server to make requests to unintended locations.
**Recommendations**
Eclipse GlassFish versions 6.2.5 and later: Address the issue by restricting access to the affected endpoints.