16 Total advisories
16 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 6.5
CVE-2025-58175
GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution
HIGH 7.2
CVE-2025-52465
GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page
HIGH 8.2
CVE-2025-30220
[XBOW-025-068] XML External Entity (XXE) Processing Vulnerability in GeoServer WFS Service
CRITICAL 9.8
CVE-2024-36401
Remote Code Execution (RCE) vulnerability in geoserver
HIGH 8.2
CVE-2025-58360
GeoServer is vulnerable to Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature
MEDIUM 6.1
CVE-2025-21621
GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
HIGH 7.5
CVE-2024-24749
Classpath resource disclosure in GWC Web Resource API on Windows / Tomcat
HIGH 7.5
CVE-2025-30145
GeoServer Infinite Loop Vulnerability in Jiffle process
MEDIUM 5.3
CVE-2025-27505
GeoServer Missing Authorization on REST API Index
MEDIUM 5.5
CVE-2024-40625
Coverage REST API Server Side Request Forgery
MEDIUM 5.3
CVE-2024-38524
GWC Home Page communicate version and revision information
CRITICAL 9.3
CVE-2024-34711
GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
MEDIUM 5.3
CVE-2024-35230
Welcome and About GeoServer pages communicate version and revision information
UNKNOWN
GHSA-8hmh-mhqv-7638
PartialBufferOutputStream2 flush issues
MEDIUM 4.5
CVE-2024-34696
GeoServer's Server Status shows sensitive environmental variables and Java properties
MEDIUM 5.3
CVE-2023-41339
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF