Geoserver Security Vulnerabilities (CVEs)
Track 6 security vulnerabilities affecting Geoserver products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
GeoServer versions before 2.25.0 contain a reflected cross-site scripting vulnerability in the WMS GetFeatureInfo HTML output format. Attackers can in...
Nov 25, 2025
This vulnerability allows unauthenticated remote attackers to execute arbitrary code on GeoServer instances by sending specially crafted OGC requests....
Jul 1, 2024
GeoServer versions 2.10.0 through 2.24.3 and 2.25.0 expose environment variables and Java properties containing sensitive credentials to authenticated...
Jul 1, 2024
This vulnerability in GeoServer allows attackers to bypass input validation and read arbitrary classpath resources with specific file extensions when ...
Jul 1, 2024
This CVE describes a path traversal vulnerability in GeoServer that allows administrators with access to the admin console to misconfigure log file lo...
Mar 20, 2024
This vulnerability in GeoWebCache allows arbitrary code execution via an unchecked JNDI lookup in the disk quota mechanism. Attackers with admin-level...
Apr 14, 2022
Why Monitor Geoserver Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 6+ known vulnerabilities affecting Geoserver products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Geoserver packages in under 60 seconds. No agents required - completely agentless scanning that works across Geoserver deployments.
Free vulnerability database: Access detailed information about every Geoserver CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.