GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions the welcome and about page includes version and revision information about the software in use (including library and components used). This information is sensitive from a security point of view because it allows software used by the server to be easily identified. This issue has been patched in version 2.26.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Dec 2024 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions the welcome and about page includes version and revision information about the software in use (including library and components used). This information is sensitive from a security point of view because it allows software used by the server to be easily identified. This issue has been patched in version 2.26.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |
Title | Welcome and About GeoServer pages communicate version and revision information | |
Weaknesses | CWE-200 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-12-16T22:18:19.896Z
Updated: 2024-12-17T14:40:36.212Z
Reserved: 2024-05-14T15:39:41.785Z
Link: CVE-2024-35230
Vulnrichment
Updated: 2024-12-17T14:40:16.528Z
NVD
Status : Awaiting Analysis
Published: 2024-12-16T23:15:06.467
Modified: 2024-12-17T15:15:12.403
Link: CVE-2024-35230
Redhat
No data.