Lucene search
K

129 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.12 views

CVE-2023-25157

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS6.7AI score0.85247EPSS
Exploits2References1
Fedora
Fedora
added 2023/11/29 1:39 a.m.33 views

[SECURITY] Fedora 37 Update: python-geopandas-0.14.1-1.fc37

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

9.8CVSS9.5AI score0.14414EPSS
Exploits0
Fedora
Fedora
added 2023/11/29 1:35 a.m.32 views

[SECURITY] Fedora 39 Update: python-geopandas-0.14.1-1.fc39

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

9.8CVSS9.5AI score0.14414EPSS
Exploits0
Fedora
Fedora
added 2023/11/29 1:29 a.m.25 views

[SECURITY] Fedora 38 Update: python-geopandas-0.14.1-1.fc38

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

9.8CVSS9.5AI score0.14414EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/29 12:0 a.m.19 views

Fedora: Security Advisory for python-geopandas (FEDORA-2023-8857bdcd95)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.14414EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/02/22 7:16 p.m.85 views

GeoTools OGC Filter SQL Injection Vulnerabilities

Impact GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations: 1. PropertyIsLike filter Requires PostGIS DataStore with...

9.8CVSS9.6AI score0.01072EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/02/22 7:16 p.m.49 views

GHSA-99C3-QC2Q-P94M GeoTools OGC Filter SQL Injection Vulnerabilities

Impact GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations: 1. PropertyIsLike filter Requires PostGIS DataStore with...

9.8CVSS9.9AI score0.01072EPSS
Exploits0References4
OSV
OSV
added 2023/02/22 7:15 p.m.30 views

GHSA-7G5F-WRX8-5CCF GeoServer OGC Filter SQL Injection Vulnerabilities

Impact GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is also supported through the Web Coverage Service WCS protocol for ImageMosaic coverages. SQL Injection...

9.8CVSS10AI score0.85247EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2023/02/22 7:15 p.m.76 views

GeoServer OGC Filter SQL Injection Vulnerabilities

Impact GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is also supported through the Web Coverage Service WCS protocol for ImageMosaic coverages. SQL Injection...

9.8CVSS9.7AI score0.85247EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2023/02/21 10:15 p.m.32 views

Code injection

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

7.5CVSS9.4AI score0.85247EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2023/02/21 9:15 p.m.48 views

CVE-2023-25158

GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...

9.8CVSS10AI score0.01072EPSS
Exploits0References2
Prion
Prion
added 2023/02/21 9:15 p.m.21 views

Sql injection

GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...

7.5CVSS9.8AI score0.01072EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/21 9:0 p.m.300 views

CVE-2023-25157

CVE-2023-25157 (GeoServer SQL Injection) is triggered by flaws in OGC Filter handling within GeoServer’s WFS/WMS/WCS inputs, enabling SQL injection via filters such as PropertyIsLike, strEndsWith, strStartsWith, jsonArrayContains, and FeatureId under certain datastore conditions. Public details c...

9.8CVSS9.4AI score0.85247EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2023/02/21 9:0 p.m.48 views

CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS8.2AI score0.85247EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/02/21 9:0 p.m.63 views

CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...

9.8CVSS9.6AI score0.85247EPSS
Exploits2References2
CVE
CVE
added 2023/02/21 8:57 p.m.102 views

CVE-2023-25158

CVE-2023-25158 (GeoTools) is a SQL injection vulnerability affecting the OGC Filter handling when used with JDBCDataStore implementations. The issue arises from unsafe SQL construction in filters such as PropertyIsLike, strEndsWith, strStartsWith, FeatureId, jsonArrayContains, and DWithin, leadin...

9.8CVSS10AI score0.01072EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/21 8:57 p.m.48 views

CVE-2023-25158 Unfiltered SQL Injection in Geotools

GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...

9.8CVSS10AI score0.01072EPSS
Exploits0References2
OSV
OSV
added 2023/02/21 8:57 p.m.38 views

CVE-2023-25158 Unfiltered SQL Injection in Geotools

GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...

9.8CVSS9.4AI score0.01072EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/21 12:0 a.m.7 views

PT-2023-19944 · Geotools · Geotools

Name of the Vulnerable Software and Affected Versions: GeoTools versions prior to 27.4 GeoTools versions prior to 28.2 Description: GeoTools is an open source Java library that provides tools for geospatial data. It includes support for OGC Filter expression language parsing, encoding and executi...

9.8CVSS9.8AI score0.01072EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.3 views

SUSE CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

7.5CVSS6.8AI score0.03046EPSS
Exploits1References4
Rows per page
Query Builder