Category Archives: Vulnerability

Remote Execution Vulnerability

GeoServer has encountered an remote execution vulnerability in the REST API (used for remote administration). This vulnerability GEOS-7124 is addressed in the following scheduled releases: GeoServer 2.8.0 – stable GeoServer 2.7.3 – maintenance GeoServer 2.6.5 – archived Thanks to Andrea Aime (GeoSolutions) and Kevin Smith (Boundless) for both fixing this issue and back porting to […]

GeoServer XEE Vulnerability

GeoServer has encountered an XML External Entity (XEE) vulnerability permitting an unauthenticated read access to server files. This vulnerability GEOS-7032 is addressed in the following releases and we strongly encourage all users to upgrade: GeoServer 2.7.1.1 (bin, war, dmg and exe) – stable release GeoServer 2.6.4 (bin, war, dmg and exe) – maintenance release GeoServer 2.5.5.1 (bin, war, and exe) Thanks to Ben Caradoc-Davies […]

Download GeoServer