pkg:PyPI/geonode

7 total CVEsHIGH4MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2023-40017GeoNode Server Side Request forgery
    from 0, < a9eebae80cb362009660a1fd49e105e7cdb499b9 | >= 3.2.0, < 4.1.3
  • HIGH7.5CVE-2023-40017GeoNode Server Side Request forgery
    >= 3.2.0, < 4.2.0
  • HIGH7.5CVE-2023-42439GeoNode vulnerable to SSRF Bypass to return internal host data
    >= 3.2.0
  • HIGH7.5CVE-2023-42439GeoNode vulnerable to SSRF Bypass to return internal host data
    >= 3.2.0, < 4.1.3.post1
  • MEDIUM6.5CVE-2023-26043GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
    from 0, < 2fdfe919f299b21f1609bf898f9dcfde58770ac0 | from 0, < 4.0.3
  • MEDIUM6.5CVE-2023-26043GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
    from 0, < 4.0.3
  • MEDIUM6.3CVE-2026-39922GeoNode versions 4.4.5 and 5.0.2 (and prior within their respective releases) contain a server-side request forgery vulnerability in the se…
    >= 4.0.0, < 4.4.5, >= 5.0.0, < 5.0.2