CVE-2025-30220
- EPSS 3.99%
- Published 10.06.2025 15:16:39
- Last modified 26.08.2025 16:10:11
GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity (XXE) exploit. This impacts whoever expos...
CVE-2024-36404
- EPSS 89.44%
- Published 02.07.2024 14:15:13
- Last modified 21.11.2024 09:22:06
GeoTools is an open source Java library that provides tools for geospatial data. Prior to versions 31.2, 30.4, and 29.6, Remote Code Execution (RCE) is possible if an application uses certain GeoTools functionality to evaluate XPath expressions suppl...
CVE-2024-36401
- EPSS 94.43%
- Published 01.07.2024 16:15:04
- Last modified 25.08.2025 02:17:03
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially...
CVE-2023-25158
- EPSS 1.14%
- Published 21.02.2023 21:15:11
- Last modified 21.11.2024 07:49:13
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found ...
CVE-2022-24818
- EPSS 8.24%
- Published 13.04.2022 21:15:07
- Last modified 21.11.2024 06:51:09
GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbit...