Osgeo

Geoserver

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.29%
  • Veröffentlicht 18.06.2026 14:31:19
  • Zuletzt bearbeitet 22.06.2026 17:08:48

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a GeoServer that uses `ENTITY_RESOLUTION_ALLOWLIST` may allow attacker to perform unauthenticated Server-Side Request Forgery...

  • EPSS 0.35%
  • Veröffentlicht 18.06.2026 14:28:41
  • Zuletzt bearbeitet 24.06.2026 05:17:25

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrar...

  • EPSS 0.58%
  • Veröffentlicht 18.06.2026 14:23:01
  • Zuletzt bearbeitet 24.06.2026 05:17:25

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.27.0 of the GeoServer DB2 DataStore Extension, an administrator can perform a JNDI attack through specially crafted DB2 jdbc url leading to to ...

Exploit
  • EPSS 50.83%
  • Veröffentlicht 10.06.2025 15:16:39
  • Zuletzt bearbeitet 26.08.2025 16:10:11

GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity (XXE) exploit. This impacts whoever expos...

  • EPSS 0.43%
  • Veröffentlicht 10.06.2025 14:58:48
  • Zuletzt bearbeitet 26.08.2025 16:11:23

GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite ...

  • EPSS 1.02%
  • Veröffentlicht 10.06.2025 14:52:19
  • Zuletzt bearbeitet 26.08.2025 16:11:55

GeoServer is an open source server that allows users to share and edit geospatial data. It is possible to bypass the default REST API security and access the index page. The REST API security handles rest and its subpaths but not rest with an extensi...

  • EPSS 0.31%
  • Veröffentlicht 10.06.2025 14:49:05
  • Zuletzt bearbeitet 26.08.2025 16:22:20

GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage rest api /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows attackers to upload files with a specified url (with {method...

Exploit
  • EPSS 0.37%
  • Veröffentlicht 10.06.2025 14:43:04
  • Zuletzt bearbeitet 26.08.2025 16:22:42

GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletRequest, HttpServletResponse) has no check to hide potentially sensitive information from users e...

  • EPSS 0.26%
  • Veröffentlicht 10.06.2025 14:33:18
  • Zuletzt bearbeitet 26.08.2025 16:24:18

GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities (XEE) attack, then send GET request to any ...

  • EPSS 1.92%
  • Veröffentlicht 10.06.2025 14:27:39
  • Zuletzt bearbeitet 26.08.2025 16:25:00

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery (SSRF) via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to...