CVE-2025-58360

HIGHCISA KEV

8.2

Description

GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.

Details CVE

Score CVSS v3.18.2

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie11/25/2025

Derniere modification12/12/2025

Sourcekev

Observations honeypot0

CISA KEV

FournisseurOSGeo

ProduitGeoServer

Nom vulnerabiliteOSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

Date ajout KEV2025-12-11

Date limite remediation2026-01-01

Utilise dans ransomwareUnknown

Produits affectes

geoserver:geoserver

Faiblesses (CWE)

CWE-611

References

https://github.com/geoserver/geoserver/security/advisories/GHSA-fjf5-xgmq-5525(security-advisories@github.com)

https://osgeo-org.atlassian.net/browse/GEOS-11682(security-advisories@github.com)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-58360(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.