14 matches found
Security update for mapserver (moderate)
openSUSE security update: security update for mapserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20476-1 Rating: moderate References: bsc1260869 Cross-References: CVE-2026-33721 Affected Products: openSUSE Leap 16.0...
CVE-2025-21621
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...
CVE-2025-21621
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...
EUVD-2025-199607
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...
GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
Summary A reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's browser through specially crafted SLDBODY parameters. Details The WMS service setting that controls HTML...
PT-2025-48090
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.25.0, a reflected cross-site scripting XSS vulnerability exists in the WMS GetFeatureInfo HTML output format that enables a remote attacker to execute arbitrary JavaScript code in a victim's...
SUSE CVE-2025-40089
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
EUVD-2025-36989
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
CVE-2025-40089
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
UBUNTU-CVE-2025-40089
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
CVE-2025-40089
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
CVE-2025-40089 cxl/features: Add check for no entries in cxl_feature_info
In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...
CVE-2025-40089
CVE-2025-40089 concerns a kernel NULL pointer dereference in cxl_feature_info() when cxlfs can be NULL if hardware features are not present. The fix adds a check for cxlfs before dereferencing and returns -EOPNOTSUPP when no cxlfs exist due to lack of hardware support. Connected sources (e.g., OS...
Linux Distros Unpatched Vulnerability : CVE-2025-40089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to ge...