CVE-2025-27505
Description: Summary
It is possible to bypass the default REST API security and access the index page.
Details
The REST API security handles rest and its subpaths but not rest with an extension (e.g., rest.html).
Impact
The REST API index can disclose whether certain extensions are installed.
Workaround
In ${GEOSERVER_DATA_DIR}/security/config.xml, change the paths for the rest filter to /rest.*,/rest/** and change the paths for the gwc filter to /gwc/rest.*,/gwc/rest/** and restart GeoServer.
References
https://github.com/geoserver/geoserver/security/advisories/GHSA-h86g-x8mm-78m5
https://nvd.nist.gov/vuln/detail/CVE-2025-27505
https://github.com/geoserver/geoserver/pull/8170
https://osgeo-org.atlassian.net/browse/GEOS-11664
https://osgeo-org.atlassian.net/browse/GEOS-11776
https://github.com/advisories/GHSA-h86g-x8mm-78m5
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
June 10th, 2025 (11 days ago)

CVE-2025-30145
Description: Summary
Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service.
Details
The Jiffle language supports multiple loop constructs that will cause its code block to be continuously executed until a certain condition is met. The Jiffle runtime should be updated to throw an exception if the script exceeds a certain number of loop iterations.
Impact
This vulnerability allows attackers to conduct denial-of-service attacks.
Mitigation
This vulnerability can be mitigated by disabling WMS dynamic styling (see WMS Settings).
If the WPS extension is installed, the Jiffle process must also be disabled to mitigate this vulnerability (see WPS Settings).
References
https://github.com/geoserver/geoserver/security/advisories/GHSA-gr67-pwcv-76gf
https://nvd.nist.gov/vuln/detail/CVE-2025-30145
https://github.com/geosolutions-it/jai-ext/pull/307
https://osgeo-org.atlassian.net/browse/GEOS-11778
https://github.com/advisories/GHSA-gr67-pwcv-76gf
CVSS: HIGH (7.5) EPSS Score: 0.05%
June 10th, 2025 (11 days ago)

Description: Founded in 1972, Rotary is one of the region’s leading oil and gas infrastructure services companies with extensive international experience offering fully inte... - On 31 May 2025, we hacked rotaryeng.com.sg and exfiltrated 4+ TB of data. Today, we make the first disclosure which incl...
June 10th, 2025 (11 days ago)

Description: Mount Rogers Community Services provides Mental Health, Developmental Disability, and Substance Use Services to the people of Bland, Carroll, Grayson, Smyth, and Wythe Counties as well as the City of Galax.
June 10th, 2025 (11 days ago)

CVE-2024-38812
🚨 Marked as known exploited on June 10th, 2025 (11 days ago).
Description: The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
CVSS: CRITICAL (9.8) EPSS Score: 58.01% SSVC Exploitation: active
June 10th, 2025 (11 days ago)

CVE-2024-38524
Description: GeoServer is an open source server that allows users to share and edit geospatial data. org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletRequest, HttpServletResponse) has no check to hide potentially sensitive information from users except for a hidden system property to hide the storage locations that defaults to showing the locations. This vulnerability is fixed in 2.26.2 and 2.25.6.
CVSS: MEDIUM (5.3) EPSS Score: 0.04% SSVC Exploitation: none
June 10th, 2025 (11 days ago)

CVE-2024-37396
Description: A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting a crafted payload into the 'Notes' field of a calendar event. This could lead to the execution of malicious scripts when the event is viewed. Updating to version 14.2.1 or later is recommended to remediate this vulnerability.
EPSS Score: 0.02%
June 10th, 2025 (11 days ago)