{"id":"CVE-2024-40625","summary":"GeoServer Coverage REST API Allows Server Side Request Forgery","details":"GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage REST API /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows attackers to upload files from a specified URL (with {method} equal to 'url') without restriction. This vulnerability is fixed in 2.26.0.","aliases":["GHSA-r4hf-r8gj-jgw2"],"modified":"2026-04-10T05:15:24.802400Z","published":"2025-06-10T14:49:05.368Z","database_specific":{"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40625.json","cwe_ids":["CWE-918"]},"references":[{"type":"WEB","url":"https://osgeo-org.atlassian.net/browse/GEOS-11468"},{"type":"WEB","url":"https://osgeo-org.atlassian.net/browse/GEOS-11717"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40625.json"},{"type":"ADVISORY","url":"https://github.com/geoserver/geoserver/security/advisories/GHSA-r4hf-r8gj-jgw2"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40625"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/geoserver/geoserver","events":[{"introduced":"0"},{"fixed":"8f9b3e407de0b6a7d30fb9edf68ac6db0071b7bb"}]}],"versions":["2.11-beta","2.21-M0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40625.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L"}]}