3 matches found
CVE-2022-24818
GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...
CVE-2022-24818
creationtimestamp| type| source ---|---|--- 2022-04-14 00:18:13+00:00| seen| https://t.me/cibsecurity/40742...
CVE-2022-24818
CVE-2022-24818 – GeoTools is an open‑source Java library for geospatial data. It is affected by unchecked JNDI lookups that can lead to class deserialization and arbitrary code execution when JNDI names are user‑provided. The vulnerability requires admin‑level login to trigger, and is mitigated b...