CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8646

In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed. This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish. This vulnerability only affects applications that are explicitly deployed to the root context ('/').

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.2%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2024-8646

Eclipse » Glassfish » Version: 5.1.0

cpe:2.3:a:eclipse:glassfish:5.1.0
Eclipse » Glassfish » Version: 6.0.0

cpe:2.3:a:eclipse:glassfish:6.0.0
Eclipse » Glassfish » Version: 6.2.5

cpe:2.3:a:eclipse:glassfish:6.2.5
Eclipse » Glassfish » Version: 7.0.1

cpe:2.3:a:eclipse:glassfish:7.0.1
Eclipse » Glassfish » Version: 7.0.2

cpe:2.3:a:eclipse:glassfish:7.0.2
Eclipse » Glassfish » Version: 7.0.3

cpe:2.3:a:eclipse:glassfish:7.0.3
Eclipse » Glassfish » Version: 7.0.4

cpe:2.3:a:eclipse:glassfish:7.0.4
Eclipse » Glassfish » Version: 7.0.5

cpe:2.3:a:eclipse:glassfish:7.0.5
Eclipse » Glassfish » Version: 7.0.6

cpe:2.3:a:eclipse:glassfish:7.0.6
Eclipse » Glassfish » Version: 7.0.7

cpe:2.3:a:eclipse:glassfish:7.0.7
Eclipse » Glassfish » Version: 7.0.8

cpe:2.3:a:eclipse:glassfish:7.0.8
Eclipse » Glassfish » Version: 7.0.9

cpe:2.3:a:eclipse:glassfish:7.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-8646

Products

Pricing

Contact Us