Vulnerabilities > Geoserver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-36401 | Code Injection vulnerability in multiple products GeoServer is an open source server that allows users to share and edit geospatial data. | 9.8 |
| 2024-07-01 | CVE-2024-34696 | Unspecified vulnerability in Geoserver GeoServer is an open source server that allows users to share and edit geospatial data. | 4.9 |
| 2023-10-26 | CVE-2023-5786 | Forced Browsing vulnerability in Geoserver Geowebcache A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. | 8.8 |
| 2023-06-12 | CVE-2023-35042 | Unspecified vulnerability in Geoserver GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. | 9.8 |
| 2022-04-14 | CVE-2022-24846 | Deserialization of Untrusted Data vulnerability in Geoserver Geowebcache GeoWebCache is a tile caching server implemented in Java. | 6.5 |
| 2009-09-14 | CVE-2008-7227 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Geoserver PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors. | 5.0 |