Org.geoserver:gs-main
This hub aggregates every CVE we track for Org.geoserver:gs-main, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH3
Monthly trend
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Org.geoserver:gs-main.
- CVE-2025-58175GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution6.5
- CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties4.5
- CVE-2024-23640GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Style Publisher4.8
- CVE-2023-41877GeoServer log file path traversal vulnerability7.2
- CVE-2021-40822GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.7.5
- CVE-2022-24847Improper Input Validation in GeoServer7.2
- CVE-2008-7227PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exce...5.0
Product normalization is registry-driven with AI assist and human review. How it works