Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1oODZnLXg4bW0tNzhtNc4ABI5w

Moderate EPSS: 0.00745% (0.72053 Percentile) EPSS:
Permalink JSON

GeoServer Missing Authorization on REST API Index

Affected Packages Affected Versions Fixed Versions
maven:org.geoserver:gs-rest < 2.25.6, >= 2.26.0, < 2.26.3 2.25.6, 2.26.3

maven:org.geoserver.web:gs-web-app < 2.25.6, >= 2.26.0, < 2.26.3 2.25.6, 2.26.3

Summary

It is possible to bypass the default REST API security and access the index page.

Details

The REST API security handles rest and its subpaths but not rest with an extension (e.g., rest.html).

Impact

The REST API index can disclose whether certain extensions are installed.

Workaround

In ${GEOSERVER_DATA_DIR}/security/config.xml, change the paths for the rest filter to /rest.*,/rest/** and change the paths for the gwc filter to /gwc/rest.*,/gwc/rest/** and restart GeoServer.

References

https://osgeo-org.atlassian.net/browse/GEOS-11664
https://osgeo-org.atlassian.net/browse/GEOS-11776
https://github.com/geoserver/geoserver/pull/8170

References:

Identifiers

GHSA-h86g-x8mm-78m5

CVE-2025-27505

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00745

EPSS Percentile: 0.72053

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/geoserver/geoserver

Date and time

Published

about 2 months ago

Updated

about 2 months ago

API

JSON