VYPR

Maven package

org.geoserver/gs-rest

pkg:maven/org.geoserver/gs-rest

Vulnerabilities (2)

  • CVE-2025-27505Jun 10, 2025
    affected >= 2.26.0, < 2.26.3fixed 2.26.3

    GeoServer is an open source server that allows users to share and edit geospatial data. It is possible to bypass the default REST API security and access the index page. The REST API security handles rest and its subpaths but not rest with an extension (e.g., rest.html). The REST

  • CVE-2024-40625Jun 10, 2025
    affected < 2.26.0fixed 2.26.0

    GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage rest api /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows attackers to upload files with a specified url (with {method} equals 'url') with no restri