VYPR

Maven package

org.geoserver/gs-gwc

pkg:maven/org.geoserver/gs-gwc

Vulnerabilities (3)

  • CVE-2024-38524Jun 10, 2025
    affected >= 2.26.0, < 2.26.2fixed 2.26.2

    GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletRequest, HttpServletResponse) has no check to hide potentially sensitive information from users except for a hidden system prop

  • CVE-2024-24749Jul 1, 2024
    affected < 2.23.5fixed 2.23.5

    GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.5 and 2.24.3, if GeoServer is deployed in the Windows operating system using an Apache Tomcat web application server, it is possible to bypass existing input validation

  • CVE-2024-23821Mar 20, 2024
    affected >= 2.24.0, < 2.24.1fixed 2.24.1

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privil