GeoServer 2.25.2

CPE Details

GeoServer 2.25.2
geoserver
geoserver
2.25.2
2024-07-02
12h37 +00:00
2024-07-02
12h37 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:geoserver:geoserver:2.25.2:*:*:*:*:*:*:*

Informations

Vendor

geoserver

Product

geoserver

Version

2.25.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-35042 2023-06-11 22h00 +00:00 GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version.
9.8
Critique