Osgeo Geonetwork

4 CVEs affecting Osgeo Geonetwork. Latest disclosed: 2026-01-13. Critical: 1, High: 1.

Top CVEs affecting Osgeo Geonetwork
CVESeverityScorePublishedSummary
CVE-2025-30220Critical9.92025-06-10GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema da…
CVE-2021-28398High7.22022-09-05A privileged attacker in GeoNetwork before 3.12.0 and 4.x before 4.0.4 can use the directory harvester before-script to execute arbitrary OS commands remotely…
CVE-2022-50899Medium6.52026-01-13Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server…
CVE-2024-32037Unrated2025-02-11GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers cont…