4 matches found
CVE-2022-24846
GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local...
CVE-2022-24846
creationtimestamp| type| source ---|---|--- 2022-04-15 02:19:25+00:00| seen| https://t.me/cibsecurity/40840...
CVE-2022-24846
CVE-2022-24846 affects GeoWebCache (Java) via the disk quota mechanism performing unchecked JNDI lookups, enabling class deserialization and arbitrary code execution. The issue is tied to JNDI strings supplied from local config in GeoWebCache and a remote UI in GeoServer that requires admin login...
CVE-2022-24846 Unchecked JNDI lookups in GeoWebCache
GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local...