CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...

Network defenders have been encouraged to patch a new critical vulnerability in Windows Server Update Services (WSUS) which is being actively exploited. Microsoft issued an out-of-band update to fix ...

Implementation of GeoAPI 3.0 interfaces as wrappers around the GeoTools library. GeoAPI is a set of implementation-neutral interfaces standardized by the Open Geospatial Consortium (OGC). Projects ...

A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a ...

Attackers are currently exploiting a critical vulnerability in GeoServer GeoTools. Security updates are available. The Java library GeoTools can be used to visualize geoinformation. The provider of ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal government agencies to patch a critical vulnerability in a popular open source server that’s being actively exploited ...

CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. GeoServer is an open-source server that allows users to ...

The US government has warned its agencies of critical software vulnerabilities being exploited in a top geospatial data platform. Found by security researcher Steve Ikeoka, the flaws affect the OSGeo ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities (KEV) catalog, based ...

The US cybersecurity agency CISA is urging federal agencies to patch a critical-severity vulnerability in GeoServer as soon as possible, warning of evidence of active exploitation. The bug, tracked as ...