VYPR

Geoserver

by Geoserver

Source repositories

CVEs (33)

  • CVE-2024-23819Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level…

  • CVE-2024-23818Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.1 that enables an authenticated administrator with workspace-level…

  • CVE-2024-23643Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.2 and 2.24.1 that enables an authenticated administrator with workspace-level…

  • CVE-2024-23642Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level…

  • CVE-2024-23640Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level…

  • CVE-2024-23634Mar 20, 2024
    risk 0.00cvss epss 0.01

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores…

  • CVE-2023-51445Mar 20, 2024
    risk 0.00cvss epss 0.00

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.23.3 and 2.24.0 that enables an authenticated administrator with workspace-level…

  • CVE-2023-51444Mar 20, 2024
    risk 0.00cvss epss 0.02

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file upload vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with permissions to modify coverage…

  • CVE-2023-41877Mar 20, 2024
    risk 0.00cvss epss 0.01

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for…

  • CVE-2023-41339Oct 24, 2023
    risk 0.00cvss epss 0.01

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an ``sld=`` parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the…

  • CVE-2023-25157Feb 21, 2023
    risk 0.00cvss epss 0.85

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service…

  • CVE-2022-24847Apr 13, 2022
    risk 0.00cvss epss 0.01

    GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code…

  • CVE-2008-7227Sep 14, 2009
    risk 0.00cvss epss 0.01

    PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors.

Page 2 of 2