CVSS: 10.0EPSS: 77%CPEs: 2EXPL: 0CVE-2023-43795 – WPS Server Side Request Forgery in GeoServer
https://notcve.org/view.php?id=CVE-2023-43795
24 Oct 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2. GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. • https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41339 – Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer
https://notcve.org/view.php?id=CVE-2023-41339
24 Oct 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an ``sld=
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27476 – XML External Entity (XXE) Injection in OWSLib
https://notcve.org/view.php?id=CVE-2023-27476
07 Mar 2023 — OWSLib is a Python package for client programming with Open Geospatial Consortium (OGC) web service interface standards, and their related content models. OWSLib's XML parser (which supports both `lxml` and `xml.etree`) does not disable entity resolution, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase. This issue has been addressed in version 0.28.1. All users are advised to upgrade. • https://github.com/geopython/OWSLib/pull/863/commits/b92687702be9576c0681bb11cad21eb631b9122f • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 91%CPEs: 5EXPL: 6CVE-2023-25157 – Unfiltered SQL Injection Vulnerabilities in Geoserver
https://notcve.org/view.php?id=CVE-2023-25157
21 Feb 2023 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrad... • https://github.com/dr-cable-tv/Geoserver-CVE-2023-25157 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0699
https://notcve.org/view.php?id=CVE-2022-0699
17 Oct 2022 — A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc. Se presenta una condición de doble liberación en el archivo contrib/shpsort.c de shapelib versiones 1.5.0 y anteriores. Este problema puede permitir a un atacante causar una denegación de servicio o tener otro impacto no especificado por medio del control de malloc • https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28398
https://notcve.org/view.php?id=CVE-2021-28398
05 Sep 2022 — A privileged attacker in GeoNetwork before 3.12.0 and 4.x before 4.0.4 can use the directory harvester before-script to execute arbitrary OS commands remotely on the hosting infrastructure. A User Administrator or Administrator account is required to perform this. This occurs in the runBeforeScript method in harvesters/src/main/java/org/fao/geonet/kernel/harvest/harvester/localfilesystem/LocalFilesystemHarvester.java. The earliest affected version is 3.4.0. Un atacante privilegiado en GeoNetwork versiones a... • https://geonetwork-opensource.org • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 92%CPEs: 2EXPL: 1CVE-2021-40822
https://notcve.org/view.php?id=CVE-2021-40822
01 May 2022 — GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host. GeoServer versiones hasta 2.18.5 y versiones 2.19.x hasta 2.19.2, permite un ataque de tipo SSRF por medio de la opción de establecer un host proxy • https://github.com/phor3nsic/CVE-2021-40822 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24847 – Improper Input Validation in GeoServer
https://notcve.org/view.php?id=CVE-2022-24847
13 Apr 2022 — GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. The same can happen while configuring data stores with data sources located in JNDI, or while setting up the disk quota mechanism. In order to perform any of the above changes, the attack needs to have obtained admin rights and u... • https://github.com/geoserver/geoserver/security/advisories/GHSA-4pm3-f52j-8ggh • CWE-20: Improper Input Validation CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2021-45943 – Debian Security Advisory 5239-1
https://notcve.org/view.php?id=CVE-2021-45943
31 Dec 2021 — GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). GDAL versiones 3.3.0 hasta 3.4.0, presenta un desbordamiento de búfer en la región heap de la memoria en la función PCIDSK::CPCIDSKFile::ReadFromFile (llamado desde PCIDSK::CPCIDSKSegment::ReadFromFile y PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment). A heap-based buffer overflow vulnerability was discov... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41993 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39371
https://notcve.org/view.php?id=CVE-2021-39371
23 Aug 2021 — An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected. Una inyección de entidad externa XML (XXE) en PyWPS antes de la versión 4.4.5 permite a un atacante ver archivos en el sistema de archivos del servidor de aplicaciones asignando una ruta a la entidad. OWSLib versión 0.24.1 también puede estar afectado • https://github.com/geopython/OWSLib/issues/790 • CWE-611: Improper Restriction of XML External Entity Reference •