4 matches found
CVE-2024-36401
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer...
CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer...
CVE-2023-41339 Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an sld= parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles,...
CVE-2023-41339
GeoServer exposes a Server-Side Request Forgery (SSRF) risk via the dynamic styling parameter sld= in GetMap/GetLegendGraphic/GetFeatureInfo when URL checks are not configured. The vulnerability enables an attacker to cause the server to fetch external resources, potentially capturing NetNTLMv2 h...