27 matches found
GeoServer 代码问题漏洞
GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. GeoServer suffers from a server-side request forgery vulnerability that stems from the fact that the OGC Web Processing Service WPS specification is designed to process information from an...
CVE-2023-43795 WPS Server Side Request Forgery in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
CVE-2023-43795 WPS Server Side Request Forgery in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...
PT-2023-28987 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.22.5 GeoServer versions prior to 2.23.2 GeoServer version 2.20.5 GeoServer version 2.21.0 Description: The OGC Web Processing Service WPS specification in GeoServer allows processing of information from any serve...
GeoServer 安全漏洞
GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. A code execution vulnerability exists in GeoServer. The vulnerability stems from java.lang.Runtime.getRuntime.exec in wps:LiteralData failing to correctly filter the special elements of th...
UBUNTU-CVE-2021-39371
An XML external entity XXE injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected...
datacube-wps (>=0.4.0 <=0.4.8) potentially affected by CVE-2021-39371 via pywps (=4.2.4)
pywps PYPI version =4.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on pywps and may be impacted: - datacube-wps =0.4.0, =0.4.8 Source cves: CVE-2021-39371 Source advisory: OSV:PYSEC-2021-121...