Geoserver Latest Vulnerabilities

Sensitive Information Disclosure in GeoServer Versions

CVE-2024-35230

GeoserverGeoserver5.3MEDIUM

Remote Code Execution Vulnerability in GeoServer Prior to Versions 2.23.6, 2.24.4, and 2.25.2

CVE-2024-36401

GeoserverGeoserver📈💰👾🟡EPSS 94%🦅📰9.8CRITICAL

GeoServer Vulnerability Allows Access to Sensitive Information

CVE-2024-34696

GeoserverGeoserver4.9MEDIUM

Potential Security Vulnerability in GeoServer Prior to Versions 2.23.5 and 2.24.3

CVE-2024-24749

GeoserverGeoserver7.5HIGH

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

CVE-2024-23821

GeoserverGeoserver4.8MEDIUM

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Other Users' Browsers

CVE-2024-23819

GeoserverGeoserver4.8MEDIUM

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

CVE-2024-23818

GeoserverGeoserver4.8MEDIUM

Stored XSS vulnerability in GeoServer catalog

CVE-2024-23643

GeoserverGeoserver4.8MEDIUM

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

CVE-2024-23642

GeoserverGeoserver4.8MEDIUM

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

CVE-2024-23640

GeoserverGeoserver4.8MEDIUM

Arbitrary File Renaming Vulnerability in GeoServer Prior to 2.23.5 and 2.24.2

CVE-2024-23634

GeoserverGeoserver6MEDIUM

Stored XSS Vulnerability in GeoServer Could Allow Administrator Privilege Escalation

CVE-2023-51445

GeoserverGeoserver4.8MEDIUM

Arbitrary File Upload Vulnerability in GeoServer Could Lead to Remote Code Execution

CVE-2023-51444

GeoserverGeoserver📰7.2HIGH

Path Traversal Vulnerability in GeoServer Affects Administrator Trust

CVE-2023-41877

GeoserverGeoserver7.2HIGH

GeoServer GeoWebCache rest.html direct request

CVE-2023-5786

GeoserverGeowebcache5.3MEDIUM

Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer

CVE-2023-41339

GeoserverGeoserver8.6HIGH

WPS Server Side Request Forgery in GeoServer

CVE-2023-43795

geoservergeoserverEPSS 90%9.8CRITICAL

Remote Code Execution Vulnerability in GeoServer by GeoSolutions

CVE-2023-35042

GeoserverGeoserverEPSS 31%9.8CRITICAL

Unfiltered SQL Injection Vulnerabilities in Geoserver

CVE-2023-25157

GeoserverGeoserver👾🟡EPSS 93%9.8CRITICAL

Improper Input Validation in GeoServer

CVE-2022-24847

GeoserverGeoserver7.2HIGH

Buffer Flushing Issue in GeoServer Affects Service Exception Reporting

CVE-2008-7227

GeoserverGeoserver

geoserver Latest Vulnerabilities

Vulnerability Published:

Sort By:

16 December 2024

Sensitive Information Disclosure in GeoServer Versions

1 July 2024

Remote Code Execution Vulnerability in GeoServer Prior to Versions 2.23.6, 2.24.4, and 2.25.2

GeoServer Vulnerability Allows Access to Sensitive Information

Potential Security Vulnerability in GeoServer Prior to Versions 2.23.5 and 2.24.3

20 March 2024

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Other Users' Browsers

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

Stored XSS vulnerability in GeoServer catalog

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

Stored XSS Vulnerability in GeoServer Could Allow Authenticated Administrator to Execute JavaScript in Another User's Browser

Arbitrary File Renaming Vulnerability in GeoServer Prior to 2.23.5 and 2.24.2

Stored XSS Vulnerability in GeoServer Could Allow Administrator Privilege Escalation

Arbitrary File Upload Vulnerability in GeoServer Could Lead to Remote Code Execution

Path Traversal Vulnerability in GeoServer Affects Administrator Trust

26 October 2023

GeoServer GeoWebCache rest.html direct request

25 October 2023

Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer

WPS Server Side Request Forgery in GeoServer

12 June 2023

Remote Code Execution Vulnerability in GeoServer by GeoSolutions

21 February 2023

Unfiltered SQL Injection Vulnerabilities in Geoserver

13 April 2022

Improper Input Validation in GeoServer

14 September 2009

Buffer Flushing Issue in GeoServer Affects Service Exception Reporting