GeoServer Security Vulnerabilities

GeoServer is GeoServer open source an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that stems from the fact that if GeoServer is deployed in a Windows operating system using the Apache Tomcat web...

PT-2024-5226 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.23.5 and 2.24.3 Description: The issue is related to the GeoWebCache ByteStreamController class, where it is possible to bypass existing input validation and read arbitrary classpath resources with specific file...