Lucene search
K

27 matches found

CNNVD
CNNVD
added 2023/10/25 12:0 a.m.55 views

GeoServer 代码问题漏洞

GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. GeoServer suffers from a server-side request forgery vulnerability that stems from the fact that the OGC Web Processing Service WPS specification is designed to process information from an...

9.8CVSS6.6AI score0.67715EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/24 10:14 p.m.43 views

CVE-2023-43795 WPS Server Side Request Forgery in GeoServer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...

8.6CVSS9.6AI score0.67715EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/24 10:14 p.m.13 views

CVE-2023-43795 WPS Server Side Request Forgery in GeoServer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...

8.6CVSS6.5AI score0.67715EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.2 views

PT-2023-28987 · Geoserver · Geoserver

Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.22.5 GeoServer versions prior to 2.23.2 GeoServer version 2.20.5 GeoServer version 2.21.0 Description: The OGC Web Processing Service WPS specification in GeoServer allows processing of information from any serve...

9.8CVSS9.3AI score0.67715EPSS
Exploits0References11
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.5 views

GeoServer 安全漏洞

GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. A code execution vulnerability exists in GeoServer. The vulnerability stems from java.lang.Runtime.getRuntime.exec in wps:LiteralData failing to correctly filter the special elements of th...

9.8CVSS8.1AI score0.43235EPSS
Exploits0References3
OSV
OSV
added 2021/08/23 1:15 a.m.2 views

UBUNTU-CVE-2021-39371

An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...

7.5CVSS5.8AI score0.01524EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/08/23 1:15 a.m.3 views

datacube-wps (>=0.4.0 <=0.4.8) potentially affected by CVE-2021-39371 via pywps (=4.2.4)

pywps PYPI version =4.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on pywps and may be impacted: - datacube-wps =0.4.0, =0.4.8 Source cves: CVE-2021-39371 Source advisory: OSV:PYSEC-2021-121...

7.5CVSS7.1AI score0.01524EPSS
Exploits0
Rows per page
Query Builder