Launch Week Day 1: Announcing Security Design Review
Start for Free
maven

org.geoserver:gs-wms

View on maven registry
8 Total advisories
8 Vulnerabilities
0 Malware

Vulnerabilities

CRITICAL 9.8
Maven KEV

CVE-2024-36401

Remote Code Execution (RCE) vulnerability in geoserver
HIGH 8.2
Maven KEV

CVE-2025-58360

GeoServer is vulnerable to Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature
MEDIUM 6.1
Maven

CVE-2025-21621

GeoServer has a Reflected Cross-Site Scripting (XSS) vulnerability in its WMS GetFeatureInfo HTML format
HIGH 7.5
Maven

CVE-2025-30145

GeoServer Infinite Loop Vulnerability in Jiffle process
MEDIUM 4.8
Maven

CVE-2024-23642

GeoServer's Simple SVG Renderer vulnerable to Stored Cross-Site Scripting (XSS)
MEDIUM 4.8
Maven

CVE-2024-23818

GeoServer's WMS OpenLayers Format vulnerable to Stored Cross-Site Scripting (XSS)
MEDIUM 5.3
Maven

CVE-2023-41339

Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF
CRITICAL 9.8
Maven

CVE-2023-35042

GeoServer RCE due to improper control of generation of code in jai-ext`Jiffle` map algebra language

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes