Serial number: AV24-373
Date: July 8, 2024
Between June 13 and 18, 2024, GeoServer published security advisories to address critical vulnerabilities in the following products:
- GeoServer – 2.25.0 versions prior to 2.25.2, 2.24.0 versions prior to 2.24.4 and versions prior to 2.23.6
- GeoTools – 31.0 versions prior to 31.2, 30.0 versions prior to 30.4 and versions prior to 29.6
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
NSFOCUS has indicated that these vulnerabilities have available exploitsFootnote 1.