129 matches found
CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...
[SECURITY] Fedora 37 Update: python-geopandas-0.14.1-1.fc37
GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...
[SECURITY] Fedora 39 Update: python-geopandas-0.14.1-1.fc39
GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...
[SECURITY] Fedora 38 Update: python-geopandas-0.14.1-1.fc38
GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...
Fedora: Security Advisory for python-geopandas (FEDORA-2023-8857bdcd95)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GeoTools OGC Filter SQL Injection Vulnerabilities
Impact GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations: 1. PropertyIsLike filter Requires PostGIS DataStore with...
GHSA-99C3-QC2Q-P94M GeoTools OGC Filter SQL Injection Vulnerabilities
Impact GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations: 1. PropertyIsLike filter Requires PostGIS DataStore with...
GHSA-7G5F-WRX8-5CCF GeoServer OGC Filter SQL Injection Vulnerabilities
Impact GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is also supported through the Web Coverage Service WCS protocol for ImageMosaic coverages. SQL Injection...
GeoServer OGC Filter SQL Injection Vulnerabilities
Impact GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is also supported through the Web Coverage Service WCS protocol for ImageMosaic coverages. SQL Injection...
Code injection
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...
CVE-2023-25158
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...
Sql injection
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...
CVE-2023-25157
CVE-2023-25157 (GeoServer SQL Injection) is triggered by flaws in OGC Filter handling within GeoServer’s WFS/WMS/WCS inputs, enabling SQL injection via filters such as PropertyIsLike, strEndsWith, strStartsWith, jsonArrayContains, and FeatureId under certain datastore conditions. Public details c...
CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...
CVE-2023-25157 Unfiltered SQL Injection Vulnerabilities in Geoserver
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols. CQL is...
CVE-2023-25158
CVE-2023-25158 (GeoTools) is a SQL injection vulnerability affecting the OGC Filter handling when used with JDBCDataStore implementations. The issue arises from unsafe SQL construction in filters such as PropertyIsLike, strEndsWith, strStartsWith, FeatureId, jsonArrayContains, and DWithin, leadin...
CVE-2023-25158 Unfiltered SQL Injection in Geotools
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...
CVE-2023-25158 Unfiltered SQL Injection in Geotools
GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore...
PT-2023-19944 · Geotools · Geotools
Name of the Vulnerable Software and Affected Versions: GeoTools versions prior to 27.4 GeoTools versions prior to 28.2 Description: GeoTools is an open source Java library that provides tools for geospatial data. It includes support for OGC Filter expression language parsing, encoding and executi...
SUSE CVE-2017-18359
PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...