CVE-2025-30220
- EPSS 3.99%
- Veröffentlicht 10.06.2025 15:16:39
- Zuletzt bearbeitet 26.08.2025 16:10:11
GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity (XXE) exploit. This impacts whoever expos...
CVE-2024-36404
- EPSS 89.44%
- Veröffentlicht 02.07.2024 14:15:13
- Zuletzt bearbeitet 21.11.2024 09:22:06
GeoTools is an open source Java library that provides tools for geospatial data. Prior to versions 31.2, 30.4, and 29.6, Remote Code Execution (RCE) is possible if an application uses certain GeoTools functionality to evaluate XPath expressions suppl...
CVE-2024-36401
- EPSS 94.43%
- Veröffentlicht 01.07.2024 16:15:04
- Zuletzt bearbeitet 25.08.2025 02:17:03
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially...
CVE-2023-25158
- EPSS 1.14%
- Veröffentlicht 21.02.2023 21:15:11
- Zuletzt bearbeitet 21.11.2024 07:49:13
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found ...
CVE-2022-24818
- EPSS 8.24%
- Veröffentlicht 13.04.2022 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:51:09
GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbit...