4 matches found
CVE-2024-32037
GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software...
GHSA-52RF-25HQ-5M33 GeoNetwork search end-point information disclosure in response headers
Impact The search end-point response headers contain information about Elasticsearch software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Patches GeoNetwork 4.4.5 / 4.2.10 Workarounds None References -...
CVE-2024-32037
GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software...
CVE-2024-32037 GeoNetwork vulnerable to search end-point information disclosure in response headers
GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software...