Количество 2
Количество 2
CVE-2024-32037
GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. GeoNetwork 4.4.5 and 4.2.10 fix this issue. No known workarounds are available.
GHSA-52rf-25hq-5m33
GeoNetwork search end-point information disclosure in response headers
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-32037 GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. GeoNetwork 4.4.5 and 4.2.10 fix this issue. No known workarounds are available. | 0% Низкий | 12 месяцев назад | |
| GHSA-52rf-25hq-5m33 GeoNetwork search end-point information disclosure in response headers | CVSS3: 5.3 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу