CVE-2024-29198 | GeoServer up to 2.24.3/2.25.1 Demo Request Endpoint server-side request forgery (GHSA-5gw5-jccf-6hxw)

Inserito da Angelo Barbosa | Giu 10, 2025 | CVE

A vulnerability classified as critical has been found in GeoServer up to 2.24.3/2.25.1. This affects an unknown part of the component Demo Request Endpoint. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2024-29198. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29198 | GeoServer up to 2.24.3/2.25.1 Demo Request Endpoint server-side request forgery (GHSA-5gw5-jccf-6hxw)

Post correlati

CVE-2024-3523 | Campcodes Online Event Management System 1.0 /views/index.php ID sql injection

CVE-2024-34612 | Samsung Devices libcodec2secmp4vdec.so heap-based overflow

CVE-2023-40297 | Stakater Forecastle up to 1.0.139 Website path traversal

CVE-2025-0586 | aEnrich Technology a+HRD up to 7.5 deserialization