all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-40017 (geonode)

Add to bookmarks
Aug. 24, 2023, 11:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. In versions 3.2.0 through 4.1.2, the endpoint `/proxy/?url=` does not properly protect against server-side request forgery. This allows an attacker to port scan internal hosts and request information from internal hosts. A patch is available at commit a9eebae80cb362009660a1fd49e105e7cdb499b9.

cve data endpoint forgery geospatial geospatial data information internal open source patch platform port port scan protect proxy request scan server server-side request forgery sharing url

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Analyst

@ Dane Street | Palm Beach Gardens, Florida, United States
View on infosec-jobs.com

Program Information System Security Manager (ISSM) - onsite Tucson, AZ - TOP SECRET required

@ RTX | AZ855: RMS AP Bldg M05 1151 East Hermans Road Building M05, Tucson, AZ, 85756 USA
View on infosec-jobs.com

Lead - Business System Service (Workday HR Functional Consultant)

@ Freshworks | Bengaluru, India
View on infosec-jobs.com

Cloud Security Engineer

@ ButterflyMX | United States - Remote
View on infosec-jobs.com

Compliance Specialist

@ Airtable | Austin, Texas or San Francisco, California
View on infosec-jobs.com

Cyber SCRM Cloud Assessor Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs