pkg:maven/org.geoserver/gs-main

Type maven

Namespace org.geoserver

Name gs-main

Known advisories, vulnerabilities and fixes for org.geoserver/gs-main package.

Repository: https://mvnrepository.com/artifact/org.geoserver/gs-main

High 3

Moderate 3

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	< 2.19.6 >= 2.20.0, < 2.20.4		CVE-2022-24847	MAVEN:GHSA-4PM3-F52J-8GGH	Improper Input Validation in GeoServer	high	2022-04-22T20:39:10 (2 years ago)
Fixed	= 2.19.6 = 2.20.4		CVE-2022-24847	MAVEN:GHSA-4PM3-F52J-8GGH	Improper Input Validation in GeoServer	high	2022-04-22T20:39:10 (2 years ago)
Affected	<= 2.23.4		CVE-2023-41877	MAVEN:GHSA-8G7V-VJRC-X4G5	GeoServer log file path traversal vulnerability	high	2024-03-20T14:45:21 (6 months ago)
Affected	< 1.6.1		CVE-2008-7227	MAVEN:GHSA-8HMH-MHQV-7638	PartialBufferOutputStream2 flush issues	moderate	2022-05-17T05:51:58 (2 years ago)
Fixed	= 1.6.1		CVE-2008-7227	MAVEN:GHSA-8HMH-MHQV-7638	PartialBufferOutputStream2 flush issues	moderate	2022-05-17T05:51:58 (2 years ago)
Affected	< 2.23.3		CVE-2024-23640	MAVEN:GHSA-9RFR-PF2X-G4XF	GeoServer's Style Publisher vulnerable to Stored Cross-Site Scripting (XSS)	moderate	2024-03-20T15:06:03 (6 months ago)
Fixed	= 2.23.3		CVE-2024-23640	MAVEN:GHSA-9RFR-PF2X-G4XF	GeoServer's Style Publisher vulnerable to Stored Cross-Site Scripting (XSS)	moderate	2024-03-20T15:06:03 (6 months ago)
Affected	>= 2.25.0, < 2.25.1 >= 2.10.0, < 2.24.4		CVE-2024-34696	MAVEN:GHSA-J59V-VGCR-HXVF	GeoServer's Server Status shows sensitive environmental variables and Java properties	moderate	2024-07-01T19:20:57 (2 months ago)
Fixed	= 2.25.1 = 2.24.4		CVE-2024-34696	MAVEN:GHSA-J59V-VGCR-HXVF	GeoServer's Server Status shows sensitive environmental variables and Java properties	moderate	2024-07-01T19:20:57 (2 months ago)
Affected	>= 2.19.0, <= 2.19.2 <= 2.18.5		CVE-2021-40822	MAVEN:GHSA-RR33-J5P5-PPF8	GeoServer allows SSRF via the option for setting a proxy host	high	2022-05-03T00:00:44 (2 years ago)