THREATOPS
THREAT OPSCVEs › CVE-2022-24816

CVE-2022-24816 — OSGeo GeoServer JAI-EXT Code Injection Vulnerability

CISA KEVExploited: confirmedOSGeo

OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.

Vulnerability details