Dirk Oberhaus ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=5a1c7da858003528600c68ee ) *created* an issue
GeoServer ( https://osgeo-org.atlassian.net/browse/GEOS?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) / Bug ( https://osgeo-org.atlassian.net/browse/GEOS-11008?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) GEOS-11008 ( https://osgeo-org.atlassian.net/browse/GEOS-11008?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) CVE-2023-32697 found in GeoServer ( https://osgeo-org.atlassian.net/browse/GEOS-11008?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) Issue Type: Bug Affects Versions: 2.22.2 Assignee: Unassigned Created: 02/Jun/23 9:21 AM Priority: Medium Reporter: Dirk Oberhaus ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=5a1c7da858003528600c68ee ) Hi, our scanner found the CVE-2023-32697 in the GeoServer version 2.22.2. Can this CVE be fixed or can you confirm that this CVE is not exploitable? Kind regards Dirk ( https://osgeo-org.atlassian.net/browse/GEOS-11008#add-comment?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) Add Comment ( https://osgeo-org.atlassian.net/browse/GEOS-11008#add-comment?atlOrigin=eyJpIjoiZTM2YWY3ZTUzZDc0NDJlNzkyNjY2NzIzMWYyOTJjNDQiLCJwIjoiaiJ9 ) Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.core&referrer=utm_source%3DNotificationLink%26utm_medium%3DEmail ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=EmailNotificationLink&mt=8 ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100225- sha1:e03cc87 )
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
