Vulnerabilidades en geoserver
31 resultadosCVE-2024-36401CRITICALRemote Code Execution (RCE) vulnerability in evaluating property name expressions in GeoserverEPSS 99.8%KEVCVE-2023-25157CRITICALUnfiltered SQL Injection Vulnerabilities in GeoserverEPSS 85.2%CVE-2023-43795HIGHWPS Server Side Request Forgery in GeoServerEPSS 67.7%CVE-2025-58360HIGHGeoServer is vulnerable to an Unauthenticated XML External Entities (XXE) attack via WMS GetMap featureEPSS 66.8%KEVCVE-2025-30220CRITICALGeoTools, GeoServer, and GeoNetwork XML External Entity (XXE) Processing Vulnerability in XSD schema handlingEPSS 49.2%CVE-2024-29198HIGHGeoServer Vulnerable to Unauthenticated SSRF via TestWfsPostEPSS 1.9%CVE-2023-51444HIGHGeoServer arbitrary file upload vulnerability in REST Coverage Store APIEPSS 1.9%CVE-2022-24847HIGHImproper Input Validation in GeoServerEPSS 1.4%CVE-2025-27505MEDIUMGeoServer Missing Authorization on REST API IndexEPSS 1.0%CVE-2023-5786MEDIUMGeoServer GeoWebCache rest.html direct requestEPSS 0.8%CVE-2023-41877HIGHGeoServer log file path traversal vulnerabilityEPSS 0.8%CVE-2024-24749HIGHClasspath resource disclosure in GWC Web Resource API on Windows / TomcatEPSS 0.8%CVE-2024-35230MEDIUMWelcome and About GeoServer pages communicate version and revision informationEPSS 0.7%CVE-2024-23634MEDIUMGeoServer arbitrary file renaming vulnerability in REST Coverage/Data Store APIEPSS 0.7%CVE-2025-27511HIGHGeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store ConnectionEPSS 0.6%CVE-2023-41339HIGHUnsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServerEPSS 0.5%CVE-2023-51445MEDIUMGeoServer Stored Cross-Site Scripting (XSS) vulnerability in REST Resources APIEPSS 0.5%CVE-2025-30145HIGHGeoServer has an Infinite Loop Vulnerability in Jiffle processEPSS 0.4%CVE-2024-23643MEDIUMGeoServer Stored Cross-Site Scripting (XSS) vulnerability in GWC Seed FormEPSS 0.4%CVE-2024-23640MEDIUMGeoServer Stored Cross-Site Scripting (XSS) vulnerability in Style PublisherEPSS 0.4%