CVE-2024-38524: GWC Home Page communicate version and revision information
The GeoWebCache home page includes version and revision information about the software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified.
References
- github.com/GeoWebCache/geowebcache/issues/1344
- github.com/GeoWebCache/geowebcache/pull/1345
- github.com/advisories/GHSA-jm79-7xhw-6f6f
- github.com/geoserver/geoserver
- github.com/geoserver/geoserver/pull/8189
- github.com/geoserver/geoserver/security/advisories/GHSA-jm79-7xhw-6f6f
- nvd.nist.gov/vuln/detail/CVE-2024-38524
- osgeo-org.atlassian.net/browse/GEOS-11677
Code Behaviors & Features
Detect and mitigate CVE-2024-38524 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →