497 matches found
CVE-2024-40625
GeoServer's CVE-2024-40625 affects the Coverage REST API endpoint /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} where {method} = 'url' can upload arbitrary URLs without validation, enabling Server Side Request Forgery. The issue is tied to unfiltered file URL input and ...
CVE-2024-40625 GeoServer Coverage REST API Allows Server Side Request Forgery
GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage rest api /workspaces/workspaceName/coveragestores/storeName/method.format allows attackers to upload files with a specified url with method equals 'url' with no restrict. This vulnerability is fix...
CVE-2024-38524 GWC Home Page communicate version and revision information
GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPageHttpServletRequest, HttpServletResponse has no check to hide potentially sensitive information from users except for a hidden system property to hide the...
CVE-2024-38524
GeoServer/GeoWebCacheDispatcher.handleFrontPage has no check to hide sensitive information, exposing storage locations, config file paths, and temporarily server-start-time via the GeoWebCache home page. Affected component is org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletReques...
CVE-2024-38524 GWC Home Page communicate version and revision information
GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPageHttpServletRequest, HttpServletResponse has no check to hide potentially sensitive information from users except for a hidden system property to hide the...
CVE-2024-38524 GWC Home Page communicate version and revision information
GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPageHttpServletRequest, HttpServletResponse has no check to hide potentially sensitive information from users except for a hidden system property to hide the...
CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...
CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...
CVE-2024-34711
GeoServer CVE-2024-34711 is an XML processing vulnerability caused by improper URI validation during XML External Entities (XEE) handling. The affected component relates to the internal URI filtering (PreventLocalEntityResolver) and a regex that can still enable an attacker to reach HTTP servers ...
CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...
CVE-2024-29198 GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the...
CVE-2024-29198 GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the...
CVE-2024-29198
CVE-2024-29198 affects GeoServer via an unauthenticated SSRF vulnerability in the Demo Request endpoint when Proxy Base URL is not set. The root cause is insufficient validation/controls in the TestWfsPost path, allowing the server to issue requests on behalf of an attacker to internal networks o...
CVE-2024-29198 GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Upgrading to GeoServer 2.24.4, or 2.25.2, removes the...
GHSA-MC43-4FQR-C965 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
Summary An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. Attacker can abuse this to scan internal networks and gain information about them then exploit further. Moreover,...
GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
Summary An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. Attacker can abuse this to scan internal networks and gain information about them then exploit further. Moreover,...
GHSA-5GW5-JCCF-6HXW GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
Summary It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Details A unauthenticated user can supply a request that will be issued by the server. This can be used to enumerate internal networks and also in the case of cloud...
GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
Summary It possible to achieve Service Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. Details A unauthenticated user can supply a request that will be issued by the server. This can be used to enumerate internal networks and also in the case of cloud...
GeoServer 安全漏洞
GeoServer is GeoServer open source an open source software server written in Java. It allows users to share and edit geospatial data. A security vulnerability exists in GeoServer that originates from malicious Jiffle script execution and could lead to a denial of service attack...
PT-2025-24663 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.26.0 Description: The issue concerns the Coverage REST API, specifically the endpoint "/workspaces/workspaceName/coveragestores/storeName/method.format", which allows attackers to upload files with a specified UR...