GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation, because property names are unsafely evaluated as XPath expressions.

The GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that passes them unsafely to the commons-jxpath library, which can execute arbitrary code when evaluating XPath expressions. This XPath evaluation is intended only for complex feature types (i.e., Application Schema data stores), but it is incorrectly applied to simple feature types as well, so the vulnerability affects **ALL** GeoServer instances, not only those using the Application Schema extension.

No public PoC is provided with this advisory, but the vulnerability has been confirmed to be exploitable through WFS GetFeature, WFS GetPropertyValue, WMS GetMap, WMS GetFeatureInfo, WMS GetLegendGraphic and WPS Execute requests, and it can lead to execution of arbitrary code on the server.

Versions 2.23.6, 2.24.4, and 2.25.2 contain a patch for the issue. A workaround exists by removing the `gt-complex-x.y.jar` file from the GeoServer installation (under `WEB-INF/lib`), where `x.y` is the GeoTools version (e.g., `gt-complex-31.1.jar` if running GeoServer 2.25.1). This removes the vulnerable code from GeoServer but may break some GeoServer functionality, or prevent GeoServer from deploying at all, if the gt-complex module is needed.
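To make the affected-version rule and the "property name evaluated as XPath" root cause concrete, here is an added triage script (example code written for this page, not GeoServer or GeoTools code). It does two things: decides whether a GeoServer 2.x version string predates the fixed releases named above, and scans web-server access-log lines for WFS `propertyName`/`valueReference` values that look like XPath expressions rather than plain attribute names of a simple feature type. Assumptions: the strict attribute-name pattern is a heuristic of mine; releases older than 2.23 are treated as unfixed and 2.26 and later as fixed; the log lines are constructed samples, not real traffic. It only inspects query strings, so POST bodies, SLD/filter payloads for the WMS requests and WPS Execute XML are outside its reach and need body inspection.

```python
"""Triage helpers for the GeoServer XPath property-name issue described above.
Added example, not GeoServer/GeoTools code. Assumptions are marked inline."""
import re
from urllib.parse import urlsplit, parse_qs

# Fixed releases named in the advisory, keyed by 2.x minor version.
PATCHED = {23: 6, 24: 4, 25: 2}


def is_vulnerable_version(version: str) -> bool:
    """True if a GeoServer 2.x version predates the fixed releases.
    Assumption: minors older than 2.23 never received a fix, and 2.26+ shipped after it."""
    m = re.fullmatch(r"2\.(\d+)\.(\d+)(?:[-.].*)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised GeoServer version: {version!r}")
    minor, patch = int(m.group(1)), int(m.group(2))
    if minor < min(PATCHED):
        return True
    if minor > max(PATCHED):
        return False
    return patch < PATCHED[minor]


# Query-string parameters that carry feature property names in WFS requests
# (WFS 1.x GetFeature uses propertyName; WFS 2.0 GetPropertyValue uses valueReference).
NAME_PARAMS = {"propertyname", "valuereference"}

# Heuristic (assumption): a property name of a *simple* feature type is an optional
# namespace prefix plus a plain identifier, possibly a short '/'-separated path of them.
# Anything else (parentheses, quotes, brackets, '$', ...) is XPath syntax, not an
# attribute name, and is exactly what the advisory says gets evaluated unsafely.
IDENT = r"[A-Za-z_][A-Za-z0-9_.\-]*"
SIMPLE_NAME = re.compile(rf"^(?:{IDENT}:)?{IDENT}(?:/(?:{IDENT}:)?{IDENT})*$")

# Common/combined access-log request field: "GET /path?query HTTP/1.1"
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def _split_names(value: str) -> list[str]:
    """Expand a propertyName value into individual names. WFS allows one
    parenthesised, comma-separated group per feature type: (a,b)(c)."""
    groups = [value]
    if value.startswith("(") and value.endswith(")"):
        # Strip exactly one layer so nested parentheses (XPath calls) stay visible.
        groups = value[1:-1].split(")(")
    return [n.strip() for g in groups for n in g.split(",") if n.strip()]


def suspicious_property_names(log_line: str) -> list[tuple[str, str]]:
    """Return (parameter, value) pairs from one access-log line whose property-name
    values do not look like plain attribute names. Only the query string is examined
    (POST bodies are not present in access logs). Empty list means nothing flagged."""
    m = LOG_RE.search(log_line)
    if not m:
        return []
    query = urlsplit(m.group("target")).query  # parse_qs also percent-decodes values
    flagged = []
    for key, values in parse_qs(query, keep_blank_values=True).items():
        if key.lower() not in NAME_PARAMS:
            continue
        for value in values:
            for name in _split_names(value):
                if not SIMPLE_NAME.match(name):
                    flagged.append((key, name))
    return flagged


def scan(lines: list[str]) -> list[tuple[int, str, str]]:
    """Scan many log lines; returns (1-based line number, parameter, offending value)."""
    return [(n, p, v) for n, line in enumerate(lines, 1)
            for p, v in suspicious_property_names(line)]


# Constructed sample log lines (not real traffic). Line 2 carries an XPath function
# call where an attribute name is expected; line 1 uses the legitimate grouped form.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jul/2024:12:00:00 +0000] "GET /geoserver/wfs?service=WFS&version=1.1.0'
    '&request=GetFeature&typeName=topp:states&propertyName=(STATE_NAME,the_geom) HTTP/1.1" 200 8192',
    '10.0.0.5 - - [01/Jul/2024:12:00:01 +0000] "GET /geoserver/wfs?service=WFS&version=2.0.0'
    '&request=GetPropertyValue&typeNames=topp:states&valueReference=string-length%28STATE_NAME%29 HTTP/1.1" 200 512',
    '10.0.0.7 - - [01/Jul/2024:12:00:02 +0000] "GET /geoserver/wms?service=WMS&request=GetCapabilities HTTP/1.1" 200 40960',
]

if __name__ == "__main__":
    for ver in ("2.25.1", "2.25.2", "2.24.3", "2.22.0"):
        print(f"GeoServer {ver}: {'VULNERABLE' if is_vulnerable_version(ver) else 'patched'}")
    for n, param, value in scan(SAMPLE_LOG):
        print(f"line {n}: {param}={value!r} is not a plain property name")
```

A hit from `scan` is a lead, not proof of compromise: a legitimate client could in principle send an odd-looking name. Treat flagged lines as the starting point for checking the server's own logs around that timestamp, and pair the version check with confirming whether `gt-complex-x.y.jar` is still present if the workaround rather than an upgrade was applied.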
