GeoServer security advisory (AV24-373)

From: Canadian Centre for Cyber Security

Serial number: AV24-373
Date: July 8, 2024

Between June 13 and 18, 2024, GeoServer published security advisories to address critical vulnerabilities in the following products:

  • GeoServer – 2.25.0 versions prior to 2.25.2, 2.24.0 versions prior to 2.24.4 and versions prior to 2.23.6
  • GeoTools – 31.0 versions prior to 31.2, 30.0 versions prior to 30.4 and versions prior to 29.6

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

NSFOCUS has indicated that these vulnerabilities have available exploitsFootnote 1.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: