VYPR

Maven package

org.geoserver/gs-wps

pkg:maven/org.geoserver/gs-wps

Vulnerabilities (1)

  • CVE-2023-35042Jun 12, 2023
    affected < 2.18.6fixed 2.18.6

    GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in