CVE-2022-24816

OSGeo GeoServer JAI-EXT Code Injection Vulnerability

Beschreibung

OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.

Schweregrad: CRITICAL

CVSS-Score: 10

Hersteller: OSGeo

Produkt: JAI-EXT