Search criteria
3 vulnerabilities by geonetwork
CVE-2022-50899 (GCVE-0-2022-50899)
Vulnerability from cvelistv5 – Published: 2026-01-13 22:51 – Updated: 2026-05-14 02:07
VLAI
Title
Geonetwork 4.2.0 - XML External Entity (XXE)
Summary
Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files through the baseURL parameter in PDF creation requests.
Severity
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/50982 | exploit |
| https://geonetwork-opensource.org/ | product |
| https://www.vulncheck.com/advisories/geonetwork-x… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GeoNetwork | GeoNetwork |
Affected:
3.10 , ≤ 4.2.0
(custom)
|
Date Public
2022-07-29 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-50899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T15:52:28.159438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T19:20:51.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "GeoNetwork",
"vendor": "GeoNetwork",
"versions": [
{
"lessThanOrEqual": "4.2.0",
"status": "affected",
"version": "3.10",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:osgeo:geonetwork:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.0",
"versionStartIncluding": "3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Amel BOUZIANE-LEBLOND"
}
],
"datePublic": "2022-07-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files through the baseURL parameter in PDF creation requests."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T02:07:00.169Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-50982",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/50982"
},
{
"name": "GeoNetwork Official Homepage",
"tags": [
"product"
],
"url": "https://geonetwork-opensource.org/"
},
{
"name": "VulnCheck Advisory: Geonetwork 4.2.0 - XML External Entity (XXE)",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/geonetwork-xml-external-entity-xxe"
}
],
"title": "Geonetwork 4.2.0 - XML External Entity (XXE)",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2022-50899",
"datePublished": "2026-01-13T22:51:45.416Z",
"dateReserved": "2026-01-10T15:05:18.988Z",
"dateUpdated": "2026-05-14T02:07:00.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-32037 (GCVE-0-2024-32037)
Vulnerability from cvelistv5 – Published: 2025-02-11 21:50 – Updated: 2025-02-12 15:37
VLAI
Title
GeoNetwork vulnerable to search end-point information disclosure in response headers
Summary
GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. GeoNetwork 4.4.5 and 4.2.10 fix this issue. No known workarounds are available.
Severity
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/geonetwork/core-geonetwork/sec… | x_refsource_CONFIRM |
| https://docs.geonetwork-opensource.org/4.4/api/search | x_refsource_MISC |
| https://github.com/geonetwork/core-geonetwork/rel… | x_refsource_MISC |
| https://github.com/geonetwork/core-geonetwork/rel… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| geonetwork | core-geonetwork |
Affected:
< 4.2.10
Affected: >= 4.4.0, < 4.4.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32037",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:37:36.526856Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T15:37:46.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core-geonetwork",
"vendor": "geonetwork",
"versions": [
{
"status": "affected",
"version": "\u003c 4.2.10"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. GeoNetwork 4.4.5 and 4.2.10 fix this issue. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T21:50:29.138Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/geonetwork/core-geonetwork/security/advisories/GHSA-52rf-25hq-5m33",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/geonetwork/core-geonetwork/security/advisories/GHSA-52rf-25hq-5m33"
},
{
"name": "https://docs.geonetwork-opensource.org/4.4/api/search",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.geonetwork-opensource.org/4.4/api/search"
},
{
"name": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.2.10",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.2.10"
},
{
"name": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.4.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/geonetwork/core-geonetwork/releases/tag/4.4.5"
}
],
"source": {
"advisory": "GHSA-52rf-25hq-5m33",
"discovery": "UNKNOWN"
},
"title": "GeoNetwork vulnerable to search end-point information disclosure in response headers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32037",
"datePublished": "2025-02-11T21:50:29.138Z",
"dateReserved": "2024-04-09T15:29:35.939Z",
"dateUpdated": "2025-02-12T15:37:46.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5513 (GCVE-0-2006-5513)
Vulnerability from cvelistv5 – Published: 2006-10-26 16:00 – Updated: 2024-08-07 19:55
VLAI
Summary
SQL injection vulnerability in GeoNetwork opensource before 2.0.3 allows remote attackers to execute arbitrary SQL commands, and complete a login, via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/22502 | third-party-advisoryx_refsource_SECUNIA |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2006/4151 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/20671 | vdb-entryx_refsource_BID |
Date Public
2006-10-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22502",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22502"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=457195"
},
{
"name": "ADV-2006-4151",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4151"
},
{
"name": "geonetwork-unspecified-sql-injection(29771)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29771"
},
{
"name": "20671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in GeoNetwork opensource before 2.0.3 allows remote attackers to execute arbitrary SQL commands, and complete a login, via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22502",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22502"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=457195"
},
{
"name": "ADV-2006-4151",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4151"
},
{
"name": "geonetwork-unspecified-sql-injection(29771)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29771"
},
{
"name": "20671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in GeoNetwork opensource before 2.0.3 allows remote attackers to execute arbitrary SQL commands, and complete a login, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22502",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22502"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=457195",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=457195"
},
{
"name": "ADV-2006-4151",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4151"
},
{
"name": "geonetwork-unspecified-sql-injection(29771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29771"
},
{
"name": "20671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5513",
"datePublished": "2006-10-26T16:00:00.000Z",
"dateReserved": "2006-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:53.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}